Almost every organization has a “cloud” or “digital transformation” initiative, which typically involves moving company systems and data to the cloud to increase accessibility and collaboration. Yet, as more and more data is moved online, backdoors are often unknowingly left open, which can expose sensitive data if someone just knows where to look. This is exactly what we observed in our recent research report, Chronic [Cyber] Pain: Exposed and Misconfigured Databases in the Healthcare Industry, where we found that roughly 30% of healthcare organizations have left their databases (chock full of ePHI) openly accessible to the web.
This issue isn’t just limited to healthcare organizations. Every industry holds sensitive data that often gets unknowingly exposed, whether that be through an unsecured DevOps server, misconfigured collaboration tools, or by not changing the default settings for a database.
Here are 5 simple tips every organization can use to limit their risk of sensitive data being exposed and stolen.
Use Multi-Factor Authentication for Web Applications: If you’re using a system that only needs a username and password to login, you’re making it significantly easier to access. Make sure you have MFA setup to reduce unauthorized access.
Tighter Access Control to Resources: Limit the number of credentials to each party accessing the database. Additionally, limit specific parties’ access to only the information they need. This will minimize your chance of being exploited through a 3rd party, and if you are, will limit the damage of that breach.
Monitor for Big or Unusual Database Reads: These may be an indication that a hacker or unauthorized party is stealing information. It’s a good idea to setup limits on database reads and make sure requests for big database reads involve some sort of manual review or confirmation.
Limit Database Access to Specific IP Ranges: Mapping out the organizations that need access to your data is not an easy task. But it will give you tighter control on who’s accessing your data and enable you to track and identify anomalous activity. You can even tie specific credentials to specific IP ranges to further limit access and track strange behavior more closely.
Use 3rd Party Intelligence and Pen-Testing Services: Using a hacker’s point of view can help you understand where you are vulnerable and weak. These intelligence and testing services enable you to view your organization like an attacker would, so you can prioritize and lock down access to sensitive data.
As companies continue to leverage new cloud-based technologies (which obviously have many worthwhile benefits), they need to consider and manage the risk that comes with that. Database and server misconfiguration has become increasingly common, and threat actors are starting to use this as a vector to steal and profit off of sensitive data.
Want to see how our team used simple search techniques to discover exposed databases? Download our research report now.