2
Pro tip: Check your cloud storage permissions weekly, not monthly
I found a stat from a 2023 Verizon data breach report that said 68% of cloud breaches were from misconfigured permissions, not hackers breaking in. I went back and checked our own AWS buckets last Tuesday and found three that were accidentally wide open to the public. How often do you guys audit your cloud permissions?
2 comments
Log in to join the discussion
Log In2 Comments
hannahs712d ago
So a buddy of mine runs a small ecommerce site, and he thought he was being smart by setting up a shared Google Drive for their product photos. One day he gets a call from a customer who found their entire pricing spreadsheet and customer list just sitting there, no login needed. He had set it to "anyone with the link can view" and forgot about it for like eight months. Now he checks his permissions every Wednesday morning over coffee, like a weird ritual.
4
keith_singh2d ago
Oh man, that's brutal. Honestly it sounds exactly like something my buddy Mark did last year. He runs a little online shop for custom t-shirts and put all his client files in a OneDrive folder he shared with some freelancers. Well he accidentally set the link to "public" and left it like that for six months. A random person found his customer addresses and order history and emailed him about it. Mark said he nearly had a heart attack right there in his kitchen. Now he's got this whole paranoid routine where he logs into his cloud accounts every Monday morning and double checks everything. He calls it his "security coffee" and its honestly kind of funny but also super sad.
2