Blog

Why reducing data sensitivity is the best protection against cloud misconfiguration

Written by ShardSecure | February 10 2020

One of the most notable came from Microsoft, who revealed they left a staggering 250 million customer records, dating back 14 years, exposed online for a period of time just before the new year without any password protection. Unsurprisingly, the breach was a result of data misconfiguration in the cloud. Far and away the leading cause of data breaches, Gartner estimates that 95% of all breaches are due to human error in the cloud configuration process.As Microsoft commented after this most recent breach, misconfigurations are basically a fact of life in today’s cloud climate. In their statement, Microsoft explained “Misconfigurations are unfortunately a common error across the industry. We have solutions to help prevent this kind of mistake, but unfortunately, they were not enabled for this database.” Still, despite facing steep financial and reputational risks when these misconfigurations are exploited, even organizations dealing in today’s most sensitive data find the promise of on-demand scalability too promising to ignore.

As a result, there’s new demand for technology that protects against cloud misconfiguration not by hoping it can be avoided, but by reducing the sensitivity of data itself to mitigate risk when cloud misconfigurations are exploited. Take Microsoft’s recent incident again as an example; the horrifying reality was that for a period of time, anyone on the internet could have accessed the exposed server and all of the customer data on it.

The only silver lining as compared to countless other breaches endured across the globe was that the server didn’t happen to contain a wealth of customer’s personally identifiable information, or PII. That hasn’t been the case in many other security breaches of the last decade. The Equifax hack, for one, still has millions dealing with the fallout of having names, addresses and even social security numbers exposed over the internet.

As is evident when considering the two breach examples above, it’s the sensitivity of data that plays the biggest role in creating the cloud risks organizations face today. That’s why ShardSecure™ uses a technology called Microsharding™ to de-sensitize the data itself, providing a critical additional security component that helps organizations accelerate cloud adoption.

The patent-pending technology breaks data into tiny fragments, small enough to break the atomic unit of value, and distributes them across numerous servers and even cloud providers. False data is also added to “poison the well” and add another layer of obfuscation. Data cannot be reassembled without the proper credentials, ensuring that even exposed data fragments are completely unintelligible to hackers.

ShardSecure can be easily deployed as a virtual machine or a container both on-prem and in the cloud, and it integrates with all major cloud providers. By reducing data sensitivity, Microshard technology lowers compliance costs, enables customers to securely store and share data in the cloud, and helps organizations migrate onsite data backups to the cloud with confidence. Plus, as quantum computing looms and threatens encryption-only strategies, ShardSecure provides the critical additional security layer for a quantum-safe strategy in the future.

When it comes to data breaches, it’s easy to look at where the misconfiguration error was made and strive to do better in the future. Considering the prevalence of these occurrences, though, the smarter strategy goes beyond how misconfiguration errors could have been avoided, focusing instead on implementing the necessary security for when they do.

Reducing the sensitivity of data in cloud is the number one way to mitigate the risks posed by accidental or malicious exposure. Had the data in Microsoft’s December breach been Microsharded, the exposed server would have been completely unintelligible to unauthorized parties. Such is the case for countless breaches that have occurred over the last decade as cloud adoption slowly became the norm.

If you’re interested in learning more about ShardSecure for your organization, inquire here.