Dubbed “BlueLeaks,” the leaked data contains more than one million files, such as scanned documents, videos, emails, audio files, and more. The data has been made available online on a searchable portal., as ZDNet reports. The leaked data contains more than one million files, such as scanned documents, videos, emails, audio files, and more.
To gain an insight into the issue, Digital Journal caught up with Pulse Secure’s Global Chief Security Architect, Mike Riemer.
According to Riemer: “The BlueLeaks hack is the latest example of malicious actors targeting third-party vendors to access sensitive government data. Despite the fact that poor security practices among contractors often result in larger breaches like this one, which included data from over 200 law enforcement agencies, reliance on third-party entities to manage data and digital services continues to grow in the government sector.”
In terms of how the issue can be addressed, Riemer recommends adopting a Zero Trust approach. Zero Trust , according to Microsoft,is a network security model, based on a strict identity verification process. The framework dictates that only authenticated and authorized users and devices can access applications and data.
In relation to this Riemer recommends: “The only way to immediately begin mitigating this risk is through a Zero Trust framework, which requires thoroughly vetting all users, devices and applications before they have access to sensitive data, which extends to outside vendors. In order to balance accessing best-in-class services offered by tech services and manage the risk incurred through a complex digital ecosystem, Zero Trust is vital to government organizations.”