INSIGHTS / Articles

Is Your Cloud Storage Secure?

 30 Aug 2018 

Amazon Web Services (AWS) has become one of the leading worldwide providers of data management and storage, with the company boasting more than 1,000,000 active users. However, operating at such a scale makes Amazon a high-risk target for cyber security issues and attacks.

Recently, a cyber-incident occurred involving an Amazon S3 bucket, which publicly disclosed high-level information about GoDaddy’s infrastructure and finance strategies. The exposed data contained documentation on 31,000 systems, as well as Amazon-GoDaddy’s pricing and discount options.

If this information had been accessed by malicious entities, the organisation could have faced serious consequences. After all, the compromised AWS S3 bucket contained confidential correspondence between Amazon and GoDaddy that competing market players could have used to get ahead in the business. With approximately a fifth of the internet hosted by GoDaddy, a well-crafted attack could have disrupted a considerable chunk of the global Internet.

With so many companies using Amazon cloud services like AWS S3 storage, cloud security plays an important role in keeping organisational and customer data safe. By analysing the details of how this incident took place, there are a couple of points that provide insight into how security can be better implemented to help minimise security risks.

Ensuring secure configuration

Around 70% of cyber security incidents occur due to security misconfigurations, so relying on the security of an external vendor or service provider, even one as big as Amazon AWS or Microsoft Azure, does not guarantee that you will be safe.

The incident occurred because an S3 bucket was created without following best practices. S3 buckets can be locked down, or they can be made publicly available, and this one was left public.

If the goal is to store sensitive information, S3 buckets should be locked down to authorised users who have been granted explicit access. Creation of S3 buckets should also be done by an administrator who can configure them according to best practices and ensure they are appropriately locked down, removing the risk of external web exposure through security misconfiguration.
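The two exposure paths the passage above refers to are the bucket ACL (a grant to the AllUsers or AuthenticatedUsers group) and the bucket policy (an unconditional Allow to the wildcard principal). The audit below is an added example, not code from the article or from Planit; it works on constructed documents in the shape returned by the S3 GetBucketAcl and GetBucketPolicy APIs, makes no calls to AWS, and the bucket name, owner ID and IAM role ARN are hypothetical. It checks an exposed configuration next to its locked-down form.

```python
"""Added example (not from the original article): audit an S3 bucket's ACL
grants and bucket policy for public exposure. Inputs are constructed JSON
documents shaped like GetBucketAcl / GetBucketPolicy output; no AWS calls."""
import json

# Canned S3 group URIs meaning "everyone" and "any AWS account holder".
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTHENTICATED_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
PUBLIC_GROUPS = {ALL_USERS, AUTHENTICATED_USERS}


def _as_list(value):
    """Policy elements (Statement, Action, Principal.AWS) may be a scalar or a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _principal_is_everyone(principal):
    """True when Principal is the wildcard: "*" or {"AWS": "*"}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS"))
    return False


def acl_findings(acl):
    """One finding per ACL grant that goes to a public group."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_GROUPS:
            group = grantee["URI"].rsplit("/", 1)[-1]
            findings.append(f"ACL grants {grant.get('Permission')} to {group}")
    return findings


def policy_findings(policy_json):
    """One finding per Allow statement to the wildcard principal with no Condition.
    Conditional grants are left for a human review; only the unconditional
    public grant (the kind that exposes a bucket to the whole web) is flagged."""
    findings = []
    if not policy_json:
        return findings
    for stmt in _as_list(json.loads(policy_json).get("Statement")):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        if not _principal_is_everyone(stmt.get("Principal")):
            continue
        actions = ",".join(_as_list(stmt.get("Action")))
        findings.append(f"Policy allows {actions} to everyone (Sid={stmt.get('Sid', '-')})")
    return findings


def audit_bucket(acl, policy_json=None):
    """Combined findings; an empty list means no public exposure was found."""
    return acl_findings(acl) + policy_findings(policy_json)


# Constructed sample: a bucket left world-readable through both ACL and policy.
EXPOSED_ACL = {
    "Owner": {"ID": "EXAMPLE-OWNER-ID"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "EXAMPLE-OWNER-ID"}, "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
    ],
}
EXPOSED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
                   "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}],
})

# Constructed sample: the locked-down form. Only the owner is in the ACL and the
# policy names one explicit IAM role (hypothetical account ID and role name).
LOCKED_ACL = {
    "Owner": {"ID": "EXAMPLE-OWNER-ID"},
    "Grants": [{"Grantee": {"Type": "CanonicalUser", "ID": "EXAMPLE-OWNER-ID"},
                "Permission": "FULL_CONTROL"}],
}
LOCKED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{"Sid": "TeamReadOnly", "Effect": "Allow",
                   "Principal": {"AWS": "arn:aws:iam::123456789012:role/infra-docs-reader"},
                   "Action": ["s3:GetObject", "s3:ListBucket"],
                   "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]}],
})

if __name__ == "__main__":
    for name, acl, policy in (("exposed", EXPOSED_ACL, EXPOSED_POLICY),
                              ("locked", LOCKED_ACL, LOCKED_POLICY)):
        print(name, audit_bucket(acl, policy) or ["no public exposure found"])
```

A bucket passes only when both checks come back empty; the locked-down policy shows the shape the article argues for, a single named principal with exactly the actions it needs, which is what an administrator creating the bucket should apply before any sensitive object is uploaded.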

Raising security awareness

Security is everybody's responsibility; putting it into practice is not limited to system administrators or IT security engineers. Good security policies, guidelines and standards will not be effective unless they are well communicated and applied. Communication is key to raising security awareness, and should be actively promoted and monitored as part of the continuous improvement of any organisation.

Enforcing security policies and incident response

Shortly after the discovery by UpGuard, GoDaddy was notified of the issue, but the issue was not resolved for over five weeks! GoDaddy claimed it was a normal delay between the incident being reported and a fix being deployed.

With malicious actors continuously scanning for exposed data, it’s imperative that incident notifications are followed up and, if applicable, a fix is deployed within the shortest amount of time possible. Having sensitive information exposed online for a prolonged time raises the risk of someone uncovering the information and causing more serious damage to the organisation.

It is important to assess the effectiveness of the security incident response process periodically to determine if it still meets expectations, and take into account the changes in the threat landscape.

Securing cyber space is always a challenging task. There are many solutions and approaches, but no silver bullet when it comes down to securing the human factor.

Prevention is key, but if that fails, make sure you have detection and correction controls in place. Additionally, ensure your incident response is set up to remove any vulnerabilities and leaks as fast as possible.
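One concrete detection control for the situation the article describes, added here as an example that is not part of the original post: S3 can write server access logs for a bucket, and in that format an unauthenticated request carries "-" in the requester field. Parsing those logs and flagging successful anonymous reads tells a defender that a bucket is being read by the public before an outside party has to report it. The log lines below are constructed to match the documented field layout; the bucket name, owner ID, addresses and keys are hypothetical.

```python
"""Added example (not from the original article): flag successful anonymous
requests in S3 server access log lines. Sample lines are constructed."""
import re
from collections import Counter

# Fields are space separated, except the bracketed timestamp and quoted
# request URI / referrer / user agent, which may contain spaces.
_TOKEN = re.compile(r'\[[^\]]*\]|"[^"]*"|\S+')

# Leading fields of the S3 server access log format; newer lines append more,
# which the parser tolerates by ignoring anything past version_id.
FIELDS = ["bucket_owner", "bucket", "time", "remote_ip", "requester", "request_id",
          "operation", "key", "request_uri", "http_status", "error_code", "bytes_sent",
          "object_size", "total_time", "turn_around_time", "referrer", "user_agent",
          "version_id"]


def parse_line(line):
    """Split one access log line into a dict keyed by FIELDS (strips [] and "")."""
    tokens = _TOKEN.findall(line)
    if len(tokens) < len(FIELDS):
        raise ValueError(f"short access log line: {line!r}")
    record = {}
    for name, tok in zip(FIELDS, tokens):
        record[name] = tok.strip('[]"')
    record["http_status"] = int(record["http_status"])
    return record


def anonymous_successes(lines):
    """Records where the requester was unauthenticated ("-") and S3 answered 2xx.
    A 403 to an anonymous caller is the access control working and is not flagged."""
    hits = []
    for line in lines:
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec["requester"] == "-" and 200 <= rec["http_status"] < 300:
            hits.append(rec)
    return hits


def summarise(hits):
    """Count anonymous successful requests per remote IP, most active first."""
    return Counter(h["remote_ip"] for h in hits).most_common()


# Constructed sample log: two anonymous reads that succeeded, one authenticated
# read by an IAM user, and one anonymous request that was correctly denied.
SAMPLE_LOG = """\
EXAMPLEOWNERID example-bucket [20/Aug/2018:10:15:02 +0000] 198.51.100.7 - 3E57427F3EXAMPLE REST.GET.OBJECT infra/pricing.xlsx "GET /infra/pricing.xlsx HTTP/1.1" 200 - 48211 48211 35 12 "-" "Mozilla/5.0" -
EXAMPLEOWNERID example-bucket [20/Aug/2018:10:15:09 +0000] 203.0.113.5 - 3E57427F3EXAMPLE REST.GET.BUCKET - "GET /?prefix=infra/ HTTP/1.1" 200 - 1873 - 20 19 "-" "aws-cli/1.16.0" -
EXAMPLEOWNERID example-bucket [20/Aug/2018:10:16:44 +0000] 192.0.2.10 arn:aws:iam::123456789012:user/alice 3E57427F3EXAMPLE REST.GET.OBJECT infra/pricing.xlsx "GET /infra/pricing.xlsx HTTP/1.1" 200 - 48211 48211 40 11 "-" "aws-cli/1.16.0" -
EXAMPLEOWNERID example-bucket [20/Aug/2018:10:17:01 +0000] 198.51.100.7 - 3E57427F3EXAMPLE REST.GET.OBJECT secrets/keys.txt "GET /secrets/keys.txt HTTP/1.1" 403 AccessDenied - - 5 - "-" "Mozilla/5.0" -
"""

if __name__ == "__main__":
    found = anonymous_successes(SAMPLE_LOG.splitlines())
    for rec in found:
        print(f"{rec['time']} {rec['remote_ip']} {rec['operation']} {rec['key']}")
    print("per-IP:", summarise(found))
```

Any hit at all on a bucket meant to hold sensitive data is the signal to act, since a locked-down bucket should never serve an anonymous request successfully; the per-IP summary is there to separate a single curious visitor from the continuous scanning the article warns about.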
