Microsoft has announced that a database, used for storing user analytics and contained over 250 million entries, was accidentally exposed last December. What has surprised some analysts is how a major tech vendor such as Microsoft can inadvertently expose such a huge amount of customer data.
Since the incident, Microsoft has enacted auditing of its established network security rules for internal resources. In addition the tech firm has added additional alerting systems, implemented alternative redaction automation and has expanded its scope of detecting security rule misconfigurations.
To understand more about the data breach, Digital Journal caught up with CTO Dr. Vinay Sridhara of Balbix.
Sridhara starts with the key reason for the error – people: “Yet another cybersecurity prophecy has become reality, with Matthew Rathbun, CISO for Azure Government stating, “Ninety percent of my threat landscape starts with a human, either maliciously or inadvertently, making a mistake that somehow compromises security.””
Sridhara also notes how simply spending money on technology is not always the answer: “Despite spending over $1 billion annually on cybersecurity, Microsoft has exposed data on 250 million customers by exposing several databases that had no password protection or encryption, the most basic of security measures. ”
The expert adds that the Microsoft issue is just another example of cyber-risks affecting businesses: “There have been countless exposures of critical data over the past couple of years, all of which follow the same script: customer data gets uploaded to cloud server; well-meaning developer neglects to password protect or encrypt that externally exposed database; and then enters hacker or threat researcher stage.”
In terms of preventive actions, Sridhara recomemnds: “It’s becoming clear that the growing complexity of securing IT assets is an enormous challenge, even for giants like Microsoft. Enterprises must put procedures and systems in place that tighten its configuration process and uses automation wherever possible. Monitoring application and device settings and comparing these to recommended best practices reveals the threat for misconfigured devices located across your network and across all servers.”
