Rubrik, an IT security and cloud data management giant, exposed a whole cache of customer information, improperly stored in an Amazon ElasticSearch database. A little over a month into 2019 and Rubrik has become the fourth company we’ve featured in 2019 that has left a ElasticSearch Server unprotected and exposed.
The First Three Offenders:
- Voipo: Telecoms company the provides VoIP services
- Mountberg Limited: Online casino group
- Acension: Data and analytics company for the financial industry
According to TechCrunch, (exactly like the three companies listed above) Rubrik’s ElasticSearch server wasn’t protected with a password exposing tens of gigabytes of data including customer names, contact information, contents of customer service emails, customer IT/cloud set-up and configuration information, and email signatures with names, job titles and phone numbers.
“It’s somewhat ironic, given that the IT unicorn, valued at $3.3 billion, recently announced that it’s expanding into security and compliance services.”
Even for a massive IT security and data management company like Rubrik, learning about how to configure ever-evolving cloud services correctly is a daunting task. It is even more daunting to know how to do this relative to the security standards (e.g., CIS Benchmark or NIST CSF) and regulatory frameworks (e.g., PCI DSS or HIPAA) that a company chooses to or must comply with. And lastly, it is difficult for any one person or group of people to achieve 100% consistency in applying these standards at the speed and throughput that we ask our tech teams to operate.
What’s the solution?
Organizations need an automated cloud security solution that provides the automation essential to enforce policy, thus reducing risk, provide governance, impose compliance, and increase security across large-scale hybrid cloud infrastructure. Security automation should take the pain out of making cloud infrastructures secure in a shared responsibility world by providing a framework for what organizations should be doing via a continuous, real-time process. By utilizing security automation, companies can stay agile and innovate, while maintaining the integrity of their technology stack and apply the policy they deem necessary to operate their business.
Core to a company’s solution should be an easy-to-use interface from which clients can manage their existing cloud infrastructure. At scale, policy enforcement cannot and should not be performed manually. Security automation can discover and automatically take action to address policy infringements or security issues (like an exposed ElasticSearch Database). It also allows for simultaneous offense and defense, resulting in increased innovation and a reduction of risk.
Interested in learning more? Speak with a DivvyCloud expert today!
DivvyCloud minimizes security and compliance risk by providing virtual guardrails for security, compliance, and governance to customers embracing the dynamic, self-service nature of public cloud, and container infrastructure. Customers like General Electric, Discovery Communications, and Fannie Mae run DivvyCloud’s software to achieve continuous security governance in cloud and container environments (AWS, Azure, GCP, Alibaba, and Kubernetes). First, our software performs real-time, continuous discovery of infrastructure resources allowing customers to identify risks and threats. Second, customers can implement out-of-the-box or custom cloud-native policy guardrails that identify and alert on violations. Third, we automate the enforcement and remediation of these policies.