• Link to Facebook
  • Link to LinkedIn

Tel: 020 7250 3840

4TC Services
  • Home
  • IT Support
    • About Managed IT
    • Fully Managed
    • Proactive IT Support
    • Ad-Hoc
    • Mac Remote Management
    • Installation and Relocation
  • Backup
    • Direct to Cloud Backup
    • Disaster Recovery
  • Security
    • Digital ID & the Dark Web
    • Anti-Virus
    • Mail Archiving
    • Managed Anti-Spam
  • FileMaker
  • Cloud
    • IT as a Service – IaaS
  • About Us
    • Contact
    • Cookie Policy
    • Privacy Policy
    • GDPR – Statement
  • Telecoms
    • Teams – Voice and Video calling
  • Products
  • Blog
  • Click to open the search input field Click to open the search input field Search
  • Menu Menu
office

Cloud Breaches Set to Grow in “Velocity and Scale”.

Cloud breaches are likely to increase in “velocity and scale” due to a prevalence of poor cybersecurity practices in cloud configurations that are creating exposures. This is according to the most recent The State of DevSecOps report by Accurics, which assesses cloud configuration practices that lead to breaches.

The study found that 93% of cloud deployments analyzed contained misconfigured services, while 91% of deployments have at least one network exposure where a security group is left wide open. Accurics noted that “these two practices alone have been at the center of over 200 breaches that exposed 30 billion records in the past two years.”

There were also other emerging practices that were observed to be creating exposures. This included the presence of hardcoded private keys in 72% of deployments. Additionally, half of deployments had unprotected credentials stored in container configuration files. The report added that “these keys and credentials could be used by unauthorized users to gain access to sensitive cloud resources.”

Close to a third (31%) of organizations were shown to have unused resources, with the primary cause being that resources are added to a default virtual private cloud (VPC) upon creation if a scope is not defined.

Commenting on the report, Matt Yonkovit, chief experience officer at Percona, said: “The best approach here is to have an audit to check that your best practices are in place and being followed. This can help show where security steps are missing, and you can then put them in place where needed. Over time, you can check that all your responsibilities around data backup, security and management are done correctly.

“It’s less about the department and more about the situation. Security problems can be caused by people who are underqualified, using complex and powerful tools they don’t fully understand or haven’t enough experience with. Easy access to technology can give users a false sense of security, and a misconception that because it is backed by a big name, it must be tested, trusted, and fail-safe.”

Greg Martin, general manager for security at Sumo Logic added: “Increasingly organizations are experiencing serious data breaches due to basic cloud vulnerabilities such as this study highlights. Developers and security teams need to focus on awareness and training for common cloud security issues and more importantly automation to audit and identify gaps and vulnerabilities as they arise. Cloud security is the new frontier and most organizations are significantly lagging behind.”

Last month it was revealed that 260,000 actors had their personal data exposed due to a cloud misconfiguration error on a server belonging to a New Orleans-based casting agency.

We’re 4tc Managed IT Services

4TC can support you with all the services you need to run your business effectively, from email and domain hosting to fully managing your whole IT infrastructure.

Setting up a great IT infrastructure is just the first step.  Keeping it up to date, safe and performing at its peak requires consistent attention.

So we can act as either your IT department or to supplement an existing IT department. We pride ourselves in developing long term relationships that add value to your business with high quality managed support, expert strategic advice, and professional project management.

News Source: https://www.infosecurity-magazine.com/

Search Search

Recent Posts

  • How to Protect Your Business from Cyber Threats with Digital ID Monitoring
  • 10 Game-Changing Strategies to Boost Productivity and Optimise Your Business Operations
  • How to Work Smarter, Not Harder: The Ultimate Guide to Business Efficiency
  • 5 Things Remote Workers Should Have in Place for Threat Prevention
  • Cyber Security for Remote Workers: Protecting Data Outside the Office

Recent Comments

    Archives

    • April 2025
    • March 2025
    • February 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • August 2024
    • July 2024
    • June 2024
    • May 2024
    • April 2024
    • February 2024
    • January 2024
    • December 2023
    • November 2023
    • October 2023
    • September 2023
    • August 2023
    • July 2023
    • June 2023
    • May 2023
    • April 2023
    • March 2023
    • February 2023
    • January 2023
    • December 2022
    • November 2022
    • October 2022
    • September 2022
    • August 2022
    • June 2022
    • May 2022
    • April 2022
    • March 2022
    • February 2022
    • January 2022
    • December 2021
    • November 2021
    • October 2021
    • September 2021
    • August 2021
    • July 2021
    • June 2021
    • May 2021
    • April 2021
    • March 2021
    • February 2021
    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • May 2017
    • June 2015

    Categories

    • 4TC
    • Anti-Spam
    • Blogs
    • Cyber Security
    • Data Science
    • Disaster recovery
    • IT Services
    • News
    • Services
    • Uncategorized

    Meta

    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org

    4TC Services

    Email: support@4tc.co.uk

    Tel: 020 7250 3840

    London Office

    5th Floor, 167‑169 Great Portland Street
    London
    W1W 5PF

    Essex Office

    Dew Gates The Street
    High Roding
    Essex
    CM6 1NT

    Signup for IT News!



      © Copyright - 4TC Services
      • Link to Facebook
      • Link to LinkedIn
      Link to: Password Reuse to Blame for Fifth of Account Takeovers Link to: Password Reuse to Blame for Fifth of Account Takeovers Password Reuse to Blame for Fifth of Account TakeoversComputerLink to: WastedLocker Ransomware “Most Sophisticated Attack” Link to: WastedLocker Ransomware “Most Sophisticated Attack” officeWastedLocker Ransomware “Most Sophisticated Attack”
      Scroll to top Scroll to top Scroll to top