McAfee study finds poor setups, even worse visibility
The ongoing rash of data leaks caused by misconfigured clouds is the result of companies having virtually no visibility into how their cloud instances are configured, and very little ability to audit and manage them.
This less-than-sunny news comes courtesy of the team at McAfee, which said in its latest Infrastructure as a Service (IaaS) risk report that 99 per cent of exposed instances go unnoticed by the enterprises running them.
Such unsecured instances (usually storage buckets or databases left accessible to the general public) have been responsible for many of the largest data leaks in recent years after researchers or, in some cases, hackers, stumbled upon the exposed servers and made off with their contents.
McAfee's study, based on a sample of 1,000 enterprises in 11 countries as well as anonymized customer data, suggests that most businesses are woefully unaware of what data they have facing the internet.
Customers told the security house they had, on average, around 37 instances of misconfigured systems and folders arise per month.