Products
Applications
Support
Company
How To Buy
Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Register
Skip main navigation (Press Enter).
Toggle navigation
Search Options
Home
My Communities
Communities
All Communities
Enterprise Software
Mainframe Software
Symantec Enterprise
Blogs
All Blogs
Enterprise Software
Mainframe Software
Symantec Enterprise
Events
All Events
Enterprise Software
Mainframe Software
Symantec Enterprise
VMware
Water Cooler
Groups
Enterprise Software
Mainframe Software
Symantec Enterprise
Members
Endpoint Protection
View Only
Community Home
Threads
Library
Events
Members
Back to Library
User Ignorance of Cloud Services Poses a Data Leak Challenge
1
Recommend
Jul 12, 2013 06:36 AM
Migration User
Cloud-based online services are useful tools for many enterprises, allowing them to coordinate their teams, share information and enable discussions within groups. However, companies should be sharply aware of how they manage their privacy settings for these services before discussing business critical matters or uploading sensitive data.
It seems that many Japanese organizations have learned this the hard way. A Japanese newspaper found more than 6,000 cases
where public and private organizations exposed internal communications
by using the default Google Groups privacy settings. Keeping the default settings allowed for public access to discussion threads rather than making them only accessible to pre-approved members. The newspaper found that hospitals and schools posted records on their patients and students and at least one political party exposed a list of its supporters. In fact, the newspaper itself admitted that its journalists made the same mistake, potentially revealing draft news reports and interview transcripts to the world.
The Japanese government was also involved in this and admitted that officials accidently posted internal memos publicly simply because they used the wrong privacy settings for Google Groups online discussions. This included details on planned negotiations on an international mercury trade treaty along with discussions about this between Swiss and Norwegian environmental ministries. The Japanese environmental ministry’s spokesperson said that while the internal documents were not confidential, it has since taken corrective steps to protect its data.
There
have been cases in the past where
, even if the cloud service provider has set its default settings to private, users seemingly inadvertently set them to public and exposed data. As a result, more than 12 thousand data buckets were uncovered and almost 2 thousand were visible to the public. The buckets included 126 billion files which included data from social networks, sales records, video game source code and unencrypted database backups.
These cases show how easily sensitive data can be exposed simply by human error as opposed to malicious attack. The fact that this error was so widespread is worrying and suggests that many simply assumed that their communications were private, rather than checking to see for themselves. Before using any communications tool, always check the privacy settings to ensure that everything is protected.
Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads
Tags and Keywords
Related Entries and Links
No Related Resource entered.
Copyright 2019. All rights reserved.
Powered by Higher Logic