Proactively secure misconfigured Google Cloud Storage buckets with CybelAngel
Table of contents
2020 has changed the way we work, and the way we play. From remote working to e-learning platforms, from content streaming to online gaming, pandemic restrictions across the globe have driven an unprecedented demand for cloud services and applications.
Moving to the cloud: juggling with business opportunity and data security
The fourth quarter of 2020 was actually the largest quarterly expansion in terms of US dollars, as cloud infrastructure services spending increased 32% to US$39.9 billion over the period (source: Canalys, 2021). But this dynamism has come at a price, in the form of costly data breaches originating in misconfigured, publicly accessible cloud buckets. From cannabis retailer THSuite leaking the data of more than 30,000 individuals, to channel management software Prestige exposing 24.4GB of personal data, misconfigured AWS S3 buckets got more than their fair shares of attention. Because Amazon Web Services has remained the top cloud provider with more than 31% of the global market share, CybelAngel has scanned and monitored the AWS S3 on behalf of our customers for years. A recent study published by our cyber-analysts demonstrates that there’s still a long way to go to make sure simple configuration best practices are fully in-place (See How Secure Is Your Data in AWS S3 Buckets?)
Protecting our customers, across multiple cloud providers
The last months have proven that detecting leaking AWS S3 storage is not enough, though. In Sept. 2020, researchers found out Pharma giant Pfizer has leaked the private medical data of prescription-drug users in the U.S. for months or even years, thanks to an unprotected Google Cloud storage bucket. As Google Cloud Storage now represents 7% of the Cloud Storage market, with a 58% YoY growth, new threats emerge on this source as well (source: Canalys, 2021). CybelAngel wants to help solve this problem. Today, we are introducing new Google Cloud Storage coverage to prevent data breaches from happening.
Introducing Google Cloud Storage buckets scanning and monitoring
Our team is happy to announce we are extending our Data Breach Prevention solution to Google Cloud Storage buckets. It’s now easier than ever to protect your critical data as your supply chain moves to the cloud. Instantly deployed across your extended infrastructure, the solution requires neither probes nor sensors.
- Unmatched document-level detection. We scan active, publicly-accessible GCS buckets at the file-path level for critical documents.
- Unique Machine Learning filtering and pre-contextualization. We leverage the biggest dataset on the market to apply Machine Learning algorithms that automatically discard 99.7% of the alerts as true negatives or non-critical true positives.
- Zero-False Positives. Our cyber-analysts investigate true positives before sending out your Incident Reports.
Detect critical financial information, confidential intellectual property, and sensitive PIIs exposed on GCS buckets before they are breached. No matter whether the incident originated in the negligence of a provider, an employee, or a partner: if your data is leaking, CybelAngel will find it. Unsure whether your critical data is leaking from misconfigured Google Cloud Storage buckets? Request your free Exposure Dashboard.