Is Your Cloud Provider Exposing Remnants of Your Data?
If your organization uses a multi-tenant managed hosting service or Infrastructure as a Service (IaaS) cloud for some or all of your dataAAand you aren't following best practices by encrypting that dataAyou may be inadvertently exposing it.
Last year, information security consultancy Context Information Security was tasked by a number of its clients, mostly banks and other high-end clients with serious security concerns, to determine whether the cloud was safe enough for their computing needs.
Context studied four providers: Amazon, Rackspace, VPS.net and GigeNET Cloud. And in two of the four providersAand potentially many othersAit found a security vulnerability that allowed it to access remnant data left by other customers. "We were looking at the unallocated portions of the disk," says Michael Jordan, manager of research and development at Context. "We were able to look through it and started to see there was data in there. That data was hard disk data and it wasn't our hard disk data."
- Thu, 2013-03-07 07:04
- Mon, 2012-09-10 09:14
- Mon, 2012-08-06 23:14