Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.
As more organizations rely on third-party providers for services such as marketing, support, and operation, they are also depending heavily on these providers to protect the data properly. Recent research found that 21% of companies have their cloud storage located in a single region, said third-party security risk management platform provider Panorays.
The service providers may be storing the organization’s data with a cloud provider, and that could expose the organization to risk if the storage is not properly configured. For example, a service provider could host a website within a cloud storage bucket, such as Amazon Web Services Simple Storage Service (S3). The default configurations can lead to security issues because they make the server object and file contents publicly accessible.
Panorays assessed the external cloud infrastructure of third parties’ cloud providers as part of its research. More than 20% of companies have their cloud storage in a single region. This is not surprising, since it’s cheaper and easier for companies to deploy single-region architecture. However, this practice can be problematic when faced with disaster recovery, which is why it’s not recommended.
MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
Panorays checked if specific cloud services were exposed to the public because exposed cloud infrastructure resources increases risk and the organization’s attack surface. From the tens of thousands of storage buckets found in our assessment, 5% were found to have public browsing/listing permissions.
Panorays also checked if the services were located in a single geographic region since having different regions is recommended for business continuity.
These buckets belonged to professional companies and not private individuals, which may explain why the figures were lower than expected, said Demi Ben-Ari, Panorays co-founder and CTO. “Nevertheless, we expected this to be even lower, considering that open buckets remain a pressing problem that has gained a great deal of publicity lately.”
Read the full research from Panorays.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.