TechCrunch is reporting that companies are leaking sensitive data due to misconfigured Box accounts.
https://twitter.com/zackwhittaker/status/1105113673377464320
Pravin Kothari, CEO at CipherCloud:
“In the past, applications were inside the perimeter so it was not a huge issue if your applications such as SharePoint, Exchange, or File server were not properly configured. That’s no longer the case with cloud applications such as Box, AWS S3 and Salesforce. A single misconfiguration can cause havoc as all your sensitive information could be exposed to the public or hackers by a user’s inadvertent action. Not only do you have to deal with reputational damage, but if the exposed data had regulatory requirements then you’re also looking at stiff penalties.
It’s prudent for businesses to take a strategic approach to cloud security to govern all their cloud applications, scan content, and take remedial actions such as applying rights management when sharing sensitive files.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.