#c3m

Database breaches in the public cloud are getting reported at an alarming frequency. Earlier this year, we read about a database breach that exposed over 275 Million user records. We will cover the common causes and the best practice checks that organizations should follow to ensure database security in the cloud.

Cause

A huge MongoDB database exposing 275,265,298 records of Indian citizens containing Personally Identifiable Information (PII) was left unprotected on the Internet for more than two weeks.

Security Discovery researcher Bob Diachenko discovered this publicly accessible MongoDB database hosted on Amazon AWS using Shodan, and as the historical data provided by the platform showed, this huge cache of PII data was first indexed on April 23, 2019.

Gartner had in its report published in early 2019, recommended that security leaders invest in cloud security and posture management tools to identify and remediate the risks of misconfiguration, mismanagement, and mistakes. Enterprises have since then started focusing on cloud security and are on the look-out for a dynamic cloud security solution but are still unaware of what tool to look for in a tool.

Within the cloud security space, there are Cloud Access Security Brokers (CASBs), Cloud Workload Protection Platforms (CWPPs), and Cloud Security Posture Management (CSPM) tools. While these tools offer an over-lapping set of capabilities to each other, they do not provide all the capabilities required to perform the job of the other.

2020 Cloud Security Forecast 2019 was the year of leaky buckets and misconfigurations. Several large organizations were in the news in 2019 on account of leaky buckets and misconfigurations. While Gartner has predicted that by 2022, the public cloud services market will hit $331.2 Billion, it has also predicted that 95% of the cloud security breaches will be an organization’s fault. It is unfortunate that the pace of cloud adoption is not proportional to the pace of implementation of cloud security measures.