Cloud security: The reason hackers have it so easy will infuriate you - 0 views
-
hackers time and again have outwitted the cyberguardians.
-
HashiCorp offers an open-source tool called Vault that stores sensitive credentials, encrypted themselves, and strictly limits what people, servers and programs can access them
- ...15 more annotations...
-
Companies have uploaded VPN and cloud access credentials to cloud storage systems that are easily accessible.
-
security breaches are routinely made worse when hackers who enter one system are then finding the keys to another lying around unencrypted.
-
developers are still regularly storing the digital keys to company assets and even user data in source code, configuration files, and other miscellaneous, unencrypted locations.
-
Unlike typical users who can memorize their passwords or store them with a secure password manager, developers and IT workers often need to keep security credentials in places where automated software can find them.
-
Sophisticated new cybersecurity tools designed to securely store these kinds of credentials in a way that legitimate, automated processes can access, and intruders can’t
-
cloud industry leader Amazon launched AWS Secrets Manager, its own credential management tool. And Microsoft offers what it calls Azure Key Vault to securely store and monitor and control access to this kind of data.
-
The main problem is that companies really don’t have policies for it or they don’t follow up and make sure those policies are followed
-
Until recent hacks made it clear that few organizations can hope to keep their networks entirely free from intrusion, many companies paid less attention to the security of data within their firewalls
-
UpGuard, known for its frequent role in detecting leaks tied to data stored on insecure cloud machines, has released BreachSight, which scours the internet for its clients’ exposed code, credentials, personally identifiable information, and other sensitive data.
-
Since last year, Amazon has also offered a service called Amazon Macie, which uses machine learning to detect unusual access patterns to cloud storage and uploads of potentially sensitive data like access keys.
-
Amazon also released open source software to help prevent accidentally storing passwords and keys to source code repositories
-
it’s possible that those types of tools will automatically be provided as part of cloud computing contracts, as standard as seatbelts in new cars.
-
Cloud computing has created a very hacking prone storage system because companies have not been paying as much attention to security as they should. Thus, by not taking the logical measures such as not uploading credentials to cloud storage systems, they are becoming prone to hacker raids. However, with the turning of the tide, new methods of security have presented themselves in the form of online tools such as HashiCorp's Vault Microsoft's Azure Key Vault, and Amazon's AWS Secrets Manager, which stores sensitive credentials in very limited access windows, as well as UpGaurd's BreachSight which detects online data leaks containing exposed and volatile client data, and Amazon's Amazon Macie, which learns the access patterns of your cloud storage,