Amazon's got a hole in its bucket...
It’s a global cloud IT powerhouse second only to Microsoft, but as we’ve been hearing recently, its security leaves much to be desired. That’s right, we’re talking about the much maligned Amazon Web Services (AWS), used every day by major companies around the world - and responsible for leaking data from a fair few of them.
These “leaks” aren’t the result of enterprising hackers or USB sticks left on trains, but simply due to misconfiguration. Improperly setup security on Amazon’s Simple Storage Service (S3) “buckets” can leave data exposed to public access, without even requiring a username and password. A handful of tools have emerged allowing users to search these “buckets” for unsecured data, including the widely reported “Buckhacker”.
Of course, there’s a simple solution to this problem - configure your bucket security properly. But consider this: some seriously sensitive data from some massive organisations has been leaked this way, from FedEx and the Dow Jones to the US Army and the Pentagon. These failings were put down to simple process errors in IT departments, which begs the question - if even the Pentagon, a supposed hive of high security, can slip up with sensitive data in AWS buckets, can you really trust the service with your own business? We don’t think so.
So what are the alternatives? You could invest in another cloud platform, like Microsoft Azure, but that doesn’t exactly solve the problem. Another large public-facing cloud provider is likely to run into similar issues. Much like how the rapid expansion of the Roman Empire left them unable to defend themselves against threats on all fronts, a corporate cloud provider on the scale of Microsoft or Amazon has ballooned so massively as to render lingering issues ever tougher to wrangle and resolve. Alternatively, one could choose to store sensitive data on-site, eliminating the risks and insecurities of the cloud entirely. But in eliminating those risks, one also eliminates any possible conveniences the cloud brings to the table. Access from anywhere, resilient backups, business continuity; little luxuries afforded by cloud technology which modern business shouldn’t do without.
As for us at Silver Lining? We provide, and use in-house (we’d be hypocrites not to) our own cloud IT platform called RevolutionCloud. This platform is entirely owned and operated by a single party, and one of the key reasons for its conception was to break away from the well-worn flaws of the big public cloud players and build something altogether more customer-focused. Most importantly in this scenario, RevolutionCloud is fully managed by a team of experts, who will configure server security and access permissions to meet your needs - no leaky buckets here! There’s another minor convenience to this platform; being orders of magnitude smaller than the likes of AWS or Azure, RevolutionCloud is extremely unlikely to have opportunistic hackers writing tools to search it for unsecured data any time soon. A private cloud service such as ours is like an exclusive VIP cloud club, and we’d highly recommend it over the big boys if you’re interested in complete control and security.
Want to know more about what a private cloud platform could do for you, and what sets it apart from AWS and Azure? Talk to Silver Lining today about hosted desktop, virtual servers, cloud telephony and more with RevolutionCloud.
Share this on social media:
We support Fusion People with their IT and telecommunications. Watch how they made an annual saving of 40%.
Contact us today for help or advice on your IT & telecoms and receive a FREE Costa!
The player supports TAB to change the controls. Update Required<br/>To play the media you will need to either update your browser to a recent version or update your <a href='http://get.adobe.com/flashplayer/' target='_blank'>Flash plugin</a>.