Research Eyes Misconfiguration Issues At Google, Amazon and Microsoft Cloud

 

Research Eyes Misconfiguration Issues At Google, Amazon and Microsoft Cloud

Qualys report looks at how misconfiguration issues on cloud service providers help attackers gain access.Cloud misconfiguration — incorrect control settings applied to both hardware and software elements in the cloud — are threat vectors that amplify the risk of data breaches.

 A new report from cloud security vendor Qualys, authored by Travis Smith, vice president of the company’s Threat Research Unit lifts the lid on risk factors for three major cloud service providers.

Smith wrote that Qualys researchers, analyzing misconfiguration issues at Amazon Web Services, Microsoft Azure and Google Cloud Platform, found that within Azure, 99% of the disks are either not encrypted or aren’t using customer-managed keys that give users control of encryption keys that protect data in software as a service applications.