A website created by anonymous hackers has been launched allowing anyone to search for unsecured sensitive data stored in the cloud – Buckhacker is a tool that trawls servers at Amazon Web Services (AWS) and searches for exposed data. Mark Hickman, Chief Operating Officer at WinMagic commented below.
Mark Hickman, Chief Operating Officer at WinMagic:
“Regardless of the cloud service enterprises use, they must fulfil their part of the ‘shared responsibility’ deal when it comes to security. Customers should encrypt all data before it is placed in the cloud, it is the last line of defence if a hacker gains access to their cloud services. Equally important, is that encryption is employed where the keys are centrally managed and remain under the customer’s constant control, and the keys never stored on a public cloud service, or servers that could be exposed to a hack. Ultimately this is the best way to defend against direct attacks and tools such as Buckhacker. Adopting this approach means customers are protecting their data, whilst the cloud provider focuses on protecting the services – both working together to lower the risk of a data breach.”