Webroot’s response to the Capital One data breach
July 2019 by Matt Aldridge, Senior Solutions Architect, Webroot
Following Capital One’s data breach, Matt Aldridge, Senior Solutions Architect at Webroot, has provided a comment discussing what is needed for cloud service providers if they wish to maintain relationships and lock down valuable data.
Matt Aldridge, Senior Solutions Architect, Webroot
“The Capital One data breach highlights the risks associated with storing data in the cloud, as security practices of the cloud vendor – or in this case – misconfiguration of the cloud services, can put sensitive data at risk. There is an assumption amongst businesses that a cloud storage provider will provide all of the necessary security protection for the cloud-hosted services. Although many of the leading cloud service providers are beginning to build more comprehensive and advanced security offerings into their platforms, cloud hosted services still require the same level of risk management, ongoing monitoring, upgrades, backups and maintenance as traditional infrastructure.
While it’s reassuring to see that AWS isn’t explicitly at fault for this breach, it’s concerning that even established financial institutions with typically strong security practices, are failing to lock things down correctly. What hope is there then for SMBs with limited budgets and expertise? This breach should serve as an unfortunate reminder that like all infrastructure components, cloud storage solutions should be properly evaluated, protected and maintained.”