Unsecured cloud storage buckets brought misery to at least three huge firms recently, including Accenture, one of the world’s largest consulting firms. These S3 breaches result from misconfigurations of what are basically read/write permissions. Left unsecured, they’re open to public downloads, rendering enterprise and customer data vulnerable and accessible.
Yet the remedy requires only minutes to uncheck a box.
As enterprise moves data to the cloud, some aren’t paying enough attention to the right configurations of these buckets. Is your enterprise at risk? Did someone unwittingly click a “make this public” box? (Unless you’re hosting images, there is very little reason to have a public access bucket.)