BACKGROUND:

It has been reported that Microsoft (MSFT.O) on Thursday warned thousands of its cloud computing customers, including some of the world’s largest companies, that intruders could have the ability to read, change or even delete their main databases, according to a copy of the email and a cyber security researcher. The vulnerability is in Microsoft Azure’s flagship Cosmos DB database. A research team at security company Wiz discovered it was able to access keys that control access to databases held by thousands of companies. Wiz Chief Technology Officer Ami Luttwak is a former chief technology officer at Microsoft’s Cloud Security Group.

Camille Charaudeau, VP Product Strategy
InfoSec Expert
August 30, 2021 10:48 am

This incident is a major vulnerability of the service provider, Microsoft in this case, creating a backdoor in their technology that could be exploited by attackers to get in and access the content, crypto-lock it, and exfiltrate data. All the conditions would be met for a proper ransomware attack.

Service providers and organisations alike must quickly detect and patch vulnerable assets like these, as soon as they are identified. Data exposure can be devastating and a proactive approach to security will find these vulnerabilities before they turn into devastating breaches.

Trevor Morgan, Product Manager
InfoSec Expert
August 30, 2021 10:44 am

Microsoft’s warning to thousands of its cloud computing customers underscores two critical points that every enterprise should heed. The first point is that if your enterprise is using cloud resources to process and store sensitive private data (including PII and PHI), then you—not the service provider—own the responsibility to secure that information appropriately. If an incident occurs, regulators will look to your organization first, so while your cloud provider can extend basic data security tools and issue helpful warnings when necessary, fulfilling on data security is all up to you.

The second point is that hackers will always find vulnerabilities enabling them to get closer and closer to your organization’s most valuable and sensitive data. Something more than traditional protection methods is needed to secure that data, and that something is called data-centric security. Data-centric security protects the data itself rather than borders and perimeters around it. Through methods such as tokenization, you’re able to replace sensitive data elements with meaningless tokens, so even if that data falls into the wrong hands, it’s meaningless and thus worthless on the black market. So while an incident might still occur, the impact of a breach is greatly mitigated. Remember, your cloud provider enables you to do a lot of remarkable things, but data security? Well, that one is ultimately on you!
