On June 12, 2017, Chris Vickery, a cyber-risk analyst with security firm UpGuard Cyber Risk made a startling discovery: a Republican data firm called Deep Root Analytics, acting on behalf of the Republican National Committee (RNC), had posted a 1.1 TB database with detailed records on 198 million Americans on an Amazon Web Services (AWS) server and had left the database unsecured. Default AWS security controls had been turned off, and anyone who already knew or could guess a six-character string could access a database of very detailed information, including:
Vickory’s assessment of how hard it was to find this data? “Not very difficult.”
As UpGuard noted in a blog post about their discovery: “Anyone with an internet connection could have accessed the Republican data operation used to power Donald Trump’s presidential victory, simply by navigating to a six-character Amazon subdomain: ‘dra-dw’.” The six-character string “protecting” the data simply combined the acronyms for Deep Root Analytics and Data Warehouse.
UpGuard considers the incident “the largest known data exposure of its kind.”
And they noted:
That such an enormous national database could be created and hosted online, missing even the simplest of protections against the data being publicly accessible, is troubling. The ability to collect such information and store it insecurely further calls into question the responsibilities owed by private corporations and political campaigns to those citizens targeted by increasingly high-powered data analytics operations.
Trend: Weak Security Practices in the Cloud
Commenting on the RNC data breach, Adam Conway, vice president of product management at Bracket Computing, noted “how easy it is to make mistakes configuring cloud storage resources -- mistakes that can put critical, sensitive assets at risk."
As enterprises race to migrate data and services to the cloud, these mistakes are likely to become only more common. Many IT organizations recognize the risk. A survey by Solar Winds found that while 95% of IT professionals had moved at least part of their IT infrastructure to the cloud in the past 12 months, 35% had ended up moving data and services back on premises because of concerns about security, compliance, or performance.
The best solution is twofold: train IT staff on best practices for security, and implement a cloud content security solution that enforces best practices automatically, making it extremely difficult for leaks like the one at Deep Root Analytics to occur.
The kiteworks Secure Content Collaboration Platform
Accellion kiteworks provides a secure alternative to unsecured public cloud services.
kiteworks is a private cloud / on-premises secure content collaboration platform that enables users to store, share, send, and collaborate on confidential files securely. To protect data, kiteworks encrypts data in transit and at rest, enforces strict access controls, and provides IT administrators, security teams, and compliance officers with detailed logging and reporting.
In addition, kiteworks' secure content connectors enable the platform to serve as a single, controlled, and monitored interface between users and Enterprise Content Management (ECM) platforms such as Microsoft SharePoint, OpenText Documentum, and Box, as well as public-cloud file-sharing services such as Dropbox, Google Drive, and Microsoft OneDrive. These content connectors enable organizations to keep their data where it belongs and avoid costly and risky content migrations to new systems. As a result, kiteworks enables employees across the enterprise to store content on any of these platforms and services, while benefitting from enterprise-grade security and compliance.
To learn more about kiteworks and its benefits for cloud security, please contact us.