Over a million developers have joined DZone.

Verizon Breach: How Cloud Encryption Can Save Your Data

DZone's Guide to

Verizon Breach: How Cloud Encryption Can Save Your Data

Yet another large company has been subject to a data breach. Read on to learn how encrypting your cloud can prevent this from happening to you.

· Security Zone ·
Free Resource

Discover how to provide active runtime protection for your web applications from known and unknown vulnerabilities including Remote Code Execution Attacks.

As has been widely reported, Verizon is the latest enterprise to be hit with a large-scale data breach. Over 14 million customer records were left exposed due to a misconfiguration in Verizon’s Amazon Web Services (AWS) instance. Among the leaked information were logs containing customer names, cell phone numbers, and account PINs. Had this data fallen into the hands of hackers, even the most security conscious users – those with two-step authentication enabled – could have been bypassed, allowing hackers to hijack a customer's account and phone number.

While AWS provides a great deal of built-in security from an infrastructure and application standpoint, the smallest misstep in a security configuration can compromise important data. For data-at-rest in AWS, encryption and contextual access controls are invaluable.

One way to limit exposure in a large-scale data breach is to encrypt all your data at rest in repositories like Amazon S3. Cloud encryption provides an additional layer of security and a dual system of control for IT administrators. Full-strength encryption that doesn't impede on application functionality where your organization controls the keys can be invaluable in protecting fields or files in all your sanctioned cloud apps.

Contextual access controls are key in ensuring that data doesn’t fall into the wrong hands. These controls can be used to limit data access to relevant functions within an organization or to individual users. Controlling access based on the sensitivity of data in any application coupled with access controls can be incredibly effective if that decrypted data is only accessible to a select few.

In the event of a breach where data is being exfiltrated, user and entity behavior analytics (UEBA) can also identify suspicious behavior or malicious/anomalous activity. These real-time security protocols can limit or block access to data based on how credentials are being used.

Consistent security requires a dedicated cloud security platform with a neutral approach that allows admins to configure policies across multiple apps for total data protection.

Find out how Waratek’s award-winning application security platform can improve the security of your new and legacy applications and platforms with no false positives, code changes or slowing your application.

security ,cloud security ,encryption

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}