Microsoft cloud data breach heralds things to come

There was an accidental data leak in a Microsoft's cloud services and we can expect more in the future

By Keir Thomas, PC World |  Security, Microsoft BPOS

What might be the first major cloud data breach happened Wednesday. Microsoft announced that data contained within its Business Productivity Online Suite (BPOS) has been downloaded by non-authorized users.

You'd better get used to this kind of thing because we'll be seeing a lot more of it in the future. All any of us can do is pray we're not a victim.

The knee-jerk reaction might be to blame hackers, but that's not so here. The breach was down to an unspecified "configuration issue" in Microsoft's data centers in the United States, Europe and Asia. The Offline Address Book component of BPOS, which contains business contact information, was made available to non-authorized users in "very specific circumstances," according to Clint Patterson, the poor guy at Microsoft who's having to apologize for the mistake.

The problem was fixed two hours after being discovered (how long was it open before that?), and to Microsoft's credit it has tracking facilities in place that allow it to clean up the mess by contacting those who downloaded the wrong data.

However, the whole affair will feel like a stomach punch for anybody considering cloud adoption in the coming year--especially those considering Office 365, Microsoft's major cloud offering that ties into its Office suite.

As far as I can see, there are three basic threats that could lead to data leakage when it comes to cloud computing offerings from any vendor:

1. Misconfiguration of cloud service software, or bugs within the software;2. Hackers stealing data, for fun or profit;3. Employees being careless with data.

The third issue is nothing new, and employees with access to any sensitive data have always had the opportunity to pass it accidentally on to the wrong people. Think about all those e-mail disasters where the wrong attachment was sent, or where e-mails were accidentally forwarded to the wrong parties.

Mix humans and computers together, and there will always be issues.

However, cloud computing presents unique opportunities to mess up royally. Many cloud services make it very easy to share data with either individuals or the entire Internet. This is part of the reason cloud services exist; they allow collaborative working.


Originally published on PC World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question
randomness