29.1 F
Denver
Friday, February 28, 2020
  • News

Lessons from Microsoft’s 250 million data record exposure

Must Read

Kami launches battery-powered outdoor security camera for $90

Yi Technology's Kami subbrand is known for its inexpensive but well-built smart home devices, including security technology. After introducing its first wire-free, battery-powered indoor camera a few months ago, the company has now taken the wraps off a similar cordless outdoor camera that's rated for up to six months of battery life on a single…

iPad 2020 will have incredible screen that blows the socks off OLED

Home News (Image credit: Tom's Guide) This year's iPad Pro (or iPad 2020, as we've taken to calling it) is sure to have a lot of great advancements. We've heard production has already begun, and it's likely it could be sporting an all-new stylus with haptic feedback capabilities to take on the Samsung Galaxy Note…

Samsung Begins Mass Production of Industry’s First 16GB LPDDR5 DRAM for Next-Generation Premium Smartphones

Based on Samsung’s 2nd-generation 10nm-class process technology, the 16GB LPDDR5 mobile DRAM package delivers industry’s highest performance and largest capacity Samsung Electronics, a world leader in advanced memory technology, today announced that it has begun mass producing the industry’s first 16-gigabyte (GB) LPDDR5 mobile DRAM package for next-generation premium smartphones. Following mass production of the…
Ethelyn Bryehttp://cyanosaur.com
Ethelyn Brye is an award-winning author and blogger. Growing up in Switzerland and influenced by renowned Swiss design and a lot of fresh mountain air, she attended and completed design studies in Geneva. Post graduation she moved to Washington State to work for a design firm, but her love of writing brought her to Cyanosaur. She's highly interested in strategy rpgs, mountain climbing, board games with friends and skiing. She lives in Seattle, Washington, with her lovely cat Armstrong.

Microsoft has one of the best security teams and capabilities of any organization in the technology industry, yet it accidentally exposed 250 million customer records in December 2019. The data was accessible to anyone with a browser, who knew the server location, for about a month in total before an external researcher detected the problem. The database held records of customer support engagements dating back to 2005. Once alerted, Microsoft quickly closed the hole, investigated the breach, communicated to customers, and graciously thanked the security researchers. Yes, it is terrible that sensitive data for over two-hundred million people were exposed, but how an organization responds to an exposure reveals its true nature and commitment to security, privacy, and safety. As a former cyber incident commander for a major technology corporation, I can see a number of important lessons to be learned through this snapshot engagement: 1. No matter how much you spend, what technology you use, or how skilled your operators, accidents and breaches will still happen. Nevertheless, the likely rate and impact is relative to those aspects, so it is far better to maintain a strong security posture. 2. The ability to be rapidly notified by third parties and spin-up a crisis team showcases your pragmatic insight to sustainable security. 3. A commitment to openly recognize the issue and address it quickly proves the trustworthiness of the organization. 4. Properly investigating to understand the potential impact and quickly communicating to affected parties determines the level of commitment to professional ethics. 5. Giving credit to those who found the problem in your systems, that affected your customers, is simply a class act that will pay-forward with other security researchers in the future, and shows long-term commitment to being a responsible part of the global digital ecosystem. Overall, I think Microsoft did an excellent job in responding to this data exposure event and it reinforces its current reputation as one of the best security teams in existence. There are also a number of changes that need to be implemented to improve prevention capabilities so this does not happen again in other areas. I fully expect the crisis team to have already prepared several process improvements, oversight requirements, and access controls validations to be instituted. Learning from incidents is incredibly valuable to reducing future events, if the lessons are embraced, implemented, and sustained. With a well-supported and capable cyber crisis team, companies can continually improve their security posture, rapidly address issues, and showcase a professional response to bolster customer trust, even when unforeseen events occur.
Read More

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -

Latest News

Kami launches battery-powered outdoor security camera for $90

Yi Technology's Kami subbrand is known for its inexpensive but well-built smart home devices, including security technology. After introducing its first wire-free, battery-powered indoor camera a few months ago, the company has now taken the wraps off a similar cordless outdoor camera that's rated for up to six months of battery life on a single…

iPad 2020 will have incredible screen that blows the socks off OLED

Home News (Image credit: Tom's Guide) This year's iPad Pro (or iPad 2020, as we've taken to calling it) is sure to have a lot of great advancements. We've heard production has already begun, and it's likely it could be sporting an all-new stylus with haptic feedback capabilities to take on the Samsung Galaxy Note…

Samsung Begins Mass Production of Industry’s First 16GB LPDDR5 DRAM for Next-Generation Premium Smartphones

Based on Samsung’s 2nd-generation 10nm-class process technology, the 16GB LPDDR5 mobile DRAM package delivers industry’s highest performance and largest capacity Samsung Electronics, a world leader in advanced memory technology, today announced that it has begun mass producing the industry’s first 16-gigabyte (GB) LPDDR5 mobile DRAM package for next-generation premium smartphones. Following mass production of the…

Sony Announces the Xperia 1 Mark II: A Powerful Smartphone With Technology Taken From Its Best Cameras

There is no doubt that Sony's cameras have some of the most advanced and exciting technology out there today, and now, users will be able to experience some of those features in their phone, as Sony has announced the Xperia 1 Mark II, which boasts specs like real-time Eye AF and 20 fps burst shooting…

Patents Secured for Revolutionary Nuclear Fusion Technology

Kittiphat AbhiratvorakulGetty Images Could the key to nuclear fusion be a low-temperature reactor with no radioactive fuel or waste?Startup HB11 joins other groups seeking to shift our nuclear paradigm altogether. In HB11s reactor, lasers collide hydrogen and boron together to generate charged helium atoms.Scientists in Australia are making some astonishing claims about a new nuclear…
- Advertisement -

More Articles Like This

- Advertisement -