A misconfigured cloud-based ElasticSearch database has exposed almost 7.5 million Adobe Creative Cloud user records that include email addresses, member IDs, information on installed Adobe products and subscription statuses, and whether or not they are Adobe employees.
The leaky database, which was reported to and secured by Adobe on October 19, was discovered by security researcher Bob Diachenko in partnership with Comparitech. According to Diachenko, the ElasticSearch database may have been left unsecured for about a week. It is also unknown who was able to access the database during that time.
In October 2013, Adobe suffered a data breach that impacted at least 38 million users. 3 million encrypted customer credit cards and login credentials for an unknown number of users were exposed.
Adobe Creative Cloud is a subscription service that gives users access to a suite of Adobe products such as Photoshop, Lightroom, Illustrator, InDesign, Premiere Pro, Audition, After Effects, and many more. Adobe replaced its single-purchase, perpetual license model with the cloud subscription model in 2013.
Given that cloud services are offered by service providers that handle the hardware and back-end portions of the cloud, it’s easy to assume that they are also responsible for every aspect of security.
Cloud services allow organizations to focus on innovation rather than infrastructure, but it’s important to note that the different cloud service models come with a set of responsibilities for the user and the cloud service provider. This is what’s called the shared responsibility model of cloud security.
While cloud services offer convenience, it doesn’t necessarily mean that implementing a cloud workload is a “plug and play” affair. A company’s IT staff should take the time to learn all the settings and permissions of its cloud service and take advantage of any integrated security features. While this might take some time and effort on the part of the IT staff, it is necessary for securing the platform.
Businesses that are just starting to use the cloud for their operations might assume that default configurations are good enough to prevent their workloads from being compromised. However, default configurations often offer very basic or even nonexistent security.
Organizations should thoroughly check their existing credentials and permissions to confirm that access to their workloads is limited to those who should have it. Setting up multi-factor authentication also provides an extra layer of security.
A common mistake organizations make when it comes to their cloud assets is assuming that a properly configured cloud will always remain so. With the number of users accessing the cloud, any change could expose stored assets. For example, an employee may be able to create a new folder that doesn't require security credentials. The organization may not notice misconfigured settings without proper auditing and monitoring.
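The drift check described above, as an added example that is not from the original article: it compares a node's settings against an approved baseline and flags a non-loopback bind address combined with authentication or TLS turned off. The setting names are real Elasticsearch settings, but the choice of checks, the baseline, the addresses and both sample configurations are assumptions constructed here; the article does not say which setting was wrong in the reported database.

```python
"""Added example: audit flat elasticsearch.yml text against an approved baseline."""

LOOPBACK = {"127.0.0.1", "localhost", "::1", "_local_"}

# Constructed baseline and sample configs (assumptions, not from the article).
BASELINE = {
    "network.host": "10.0.4.12",
    "xpack.security.enabled": "true",
    "xpack.security.http.ssl.enabled": "true",
}
HARDENED = """
network.host: 10.0.4.12
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
"""
DRIFTED = """
network.host: 0.0.0.0
xpack.security.enabled: false   # switched off during a migration
"""

def parse_flat_yaml(text):
    """Parse the flat 'dotted.key: value' form only; nested YAML is not handled."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" in line:
            key, value = line.split(":", 1)
            settings[key.strip()] = value.strip().strip("\"'")
    return settings

def is_true(settings, key):
    # Assumption: an unset key is treated as "off", the conservative reading.
    return settings.get(key, "false").lower() == "true"

def audit(text, baseline):
    s = parse_flat_yaml(text)
    findings = []
    host = s.get("network.host", "_local_")  # assumption: unset means loopback
    exposed = host not in LOOPBACK
    if exposed and not is_true(s, "xpack.security.enabled"):
        findings.append(f"CRITICAL: bound to {host} with authentication disabled")
    if exposed and not is_true(s, "xpack.security.http.ssl.enabled"):
        findings.append(f"HIGH: HTTP API on {host} is served without TLS")
    for key, want in baseline.items():
        if s.get(key) != want:
            findings.append(f"DRIFT: {key} is {s.get(key)!r}, baseline is {want!r}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(DRIFTED, BASELINE)) or "no findings")
```

Run on a schedule against each node's deployed configuration, a non-empty result is the signal that a once-correct setup has changed.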
The large number of users accessing the cloud can make it difficult to manage. Many cloud service providers offer logging tools that can help organizations see what is happening in the cloud. These tools can also alert IT staff to any unauthorized access or attack attempts.
Implementing strict user access minimizes the chance of exposed assets and compromised data. For example, human resource personnel should not have access to accounting data, nor should sales teams have access to IT logs. Businesses should consider network segmentation when configuring their cloud, as this minimizes the risks in case they become targets of attacks.
Businesses looking to maximize their cloud security can also look into solutions that can bolster the integrated security features offered by cloud service providers. The best security solutions are those that can offer a complete package of features that include threat detection, network intrusion prevention, and security management.
The Trend Micro Deep Security for Cloud solution can provide proactive detection and prevention of threats, while Hybrid Cloud Security offers optimal security for hybrid environments that incorporate physical, virtual, and cloud workloads.
Businesses can also consider Trend Micro Deep Security as a Service, which is a dedicated protection system optimized for AWS, Azure, and VMware. It can help an organization’s IT department by securing servers without the need for any installations. It allows businesses to implement new upgrades without any downtime, and can instantly connect to the cloud and data center resources for proactive security measures.