Threat Tuesday: Protect Your Data When Using Cloud Infrastructure


Cloud or on-prem? That is the big question facing any IT executive, project manager or director who is spinning up a new project or planning for the future of their infrastructure. Public cloud infrastructure like AWS and Azure have for many years promised to streamline the growth of highly scalable environments and reduce the burden of maintaining on-premise assets.

While there are many good reasons that a business may choose to leverage cloud resources, there are data security considerations that must be taken into account before going all-in.

Cloud Misconfiguration Can Be Costly

Proper security configuration is key to any data protection strategy. But in the cloud, any mistakes or configuration errors are amplified. According to the 2020 Verizon Data Breach Report, “Misconfiguration/errors” have gone from the #8 cause of data breaches to the #4 slot, largely driven by data exposures in the cloud.

In a common scenario, an administrator may temporarily change permissions on a cloud storage container for testing, debugging, or some other purpose, intending to change the permissions back after a brief period of time. But then he forgets, leaving the container to fill up with private data that is then able to be accessed by anyone and everyone on the Internet.

Data exposures from misconfigured Amazon S3 buckets became so common that Amazon was forced to add giant orange warning signs and make other changes to the AWS admin console to make it more difficult to accidentally grant public access to private data.

On-Prem Isn’t Perfect Either

This isn’t to say that the cloud should be shunned and that all of your data needs to remain on-prem for it to be secure. The same Verizon report concluded that some 71% of data breaches still involve on-premise assets. So while on-prem does give you some level of control over your data, that advantage remains only as long as the data remains in your control.

So you’ll need to take steps to ensure that your data remains in your control. For example, when it’s time to dispose of old server hardware, storage arrays, SAN disks, as well as workstations and laptops, be sure that they’re being disposed of properly.

A NAID AAA certified data destruction company, like CyberCrunch, can help you by securely shredding or wiping your old equipment before recycling it. Our data destruction experts can help you make sure that your data is 100% protected from the time it leaves your facility until it’s securely destroyed at ours. Contact us for a free consultation today.