WHAT ARE MISCONFIGURATIONS?
Misconfigurations occur when computing assets are set up incorrectly, often leaving them vulnerable to malicious activity.
65-70% of all security issues start with misconfigurations.
HOW DO THEY HAPPEN?
- Storage access : Cloud users wrongly assume that “authenticated users” covers just their organization, in actuality, this refers to anyone with an Amazon Web Services® (AWS) account.
- “Secrets” management: Some enterprises fail to properly secure their “secrets” (passwords, credentials, etc.), exposing their data to malicious actors.
- Disabled logging and monitoring : Without proper review, an organization can miss important maintenance alerts or security-related events, putting them at risk for serious security implications.
- Overly permissive access to hosts, containers, and virtual machines : Businesses often forget to shut down legacy ports and protocols, essentially leaving the door open to potential attacks.
- Lack of validations : Without systems to check and identify misconfigurations as they occur, businesses have no way to know of and properly address security flaws.
To read full download the whitepaper:
Three Must-Haves for Ransomware Data Protection