TechCrunch is reporting that companies are leaking sensitive data due to misconfigured Box accounts.
Some of the companies that exposed corporate or customer data from their Box enterprise accounts:
• Schneider Electric
• …and Boxhttps://t.co/uJUtNqz2OT
— Zack Whittaker (@zackwhittaker) March 11, 2019
Pravin Kothari, CEO at CipherCloud:
“In the past, applications were inside the perimeter so it was not a huge issue if your applications such as SharePoint, Exchange, or File server were not properly configured. That’s no longer the case with cloud applications such as Box, AWS S3 and Salesforce. A single misconfiguration can cause havoc as all your sensitive information could be exposed to the public or hackers by a user’s inadvertent action. Not only do you have to deal with reputational damage, but if the exposed data had regulatory requirements then you’re also looking at stiff penalties.
It’s prudent for businesses to take a strategic approach to cloud security to govern all their cloud applications, scan content, and take remedial actions such as applying rights management when sharing sensitive files.”