Over a million developers have joined DZone.

Verizon Breach: How Cloud Encryption Can Save Your Data

DZone's Guide to

Verizon Breach: How Cloud Encryption Can Save Your Data

Yet another large company has been subject to a data breach. Read on to learn how encrypting your cloud can prevent this from happening to you.

· Security Zone
Free Resource

Address your unique security needs at every stage of the software development life cycle. Brought to you in partnership with Synopsys.

As has been widely reported, Verizon is the latest enterprise to be hit with a large-scale data breach. Over 14 million customer records were left exposed due to a misconfiguration in Verizon’s Amazon Web Services (AWS) instance. Among the leaked information were logs containing customer names, cell phone numbers, and account PINs. Had this data fallen into the hands of hackers, even the most security conscious users – those with two-step authentication enabled – could have been bypassed, allowing hackers to hijack a customer's account and phone number.

While AWS provides a great deal of built-in security from an infrastructure and application standpoint, the smallest misstep in a security configuration can compromise important data. For data-at-rest in AWS, encryption and contextual access controls are invaluable.

One way to limit exposure in a large-scale data breach is to encrypt all your data at rest in repositories like Amazon S3. Cloud encryption provides an additional layer of security and a dual system of control for IT administrators. Full-strength encryption that doesn't impede on application functionality where your organization controls the keys can be invaluable in protecting fields or files in all your sanctioned cloud apps.

Contextual access controls are key in ensuring that data doesn’t fall into the wrong hands. These controls can be used to limit data access to relevant functions within an organization or to individual users. Controlling access based on the sensitivity of data in any application coupled with access controls can be incredibly effective if that decrypted data is only accessible to a select few.

In the event of a breach where data is being exfiltrated, user and entity behavior analytics (UEBA) can also identify suspicious behavior or malicious/anomalous activity. These real-time security protocols can limit or block access to data based on how credentials are being used.

Consistent security requires a dedicated cloud security platform with a neutral approach that allows admins to configure policies across multiple apps for total data protection.

Find out how Synopsys can help you build security and quality into your SDLC and supply chain. We offer application testing and remediation expertise, guidance for structuring a software security initiative, training, and professional services for a proactive approach to application security.

security ,cloud security ,encryption

Published at DZone with permission of Chantelle Patel, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.


Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.


{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}