Most Databases in the Cloud Are Not Encrypted

By Karen A. Frenkel  |  Posted 08-25-2017 Email

The majority of databases in the public cloud are not encrypted, exposing sensitive personally identifiable information (PII) and protected health information (PHI), according to a new survey. The report, "Cloud Infrastructure Security Trends," reviews major vulnerabilities in public cloud computing environments and is the work of the RedLock Cloud Security Intelligence Team (CSI), which includes Microsoft, Credit Suisse and Honeywell. So far in 2017, the CSI team has discovered 4.8 million exposed records that contained sensitive data belonging to dozens of small businesses and Fortune 50 companies, and it saved them more than $758 million in breach costs. "Public cloud computing environments are incredibly dynamic—our research shows that the average lifespan of a cloud resource is only 127 minutes—and traditional security strategies can't keep pace," said Gaurav Kumar, CTO of RedLock and head of the CSI team. "Our report, which analyzed over 1 million cloud resources and 12 petabytes of network traffic, unmistakably shows the need for solutions that help manage security and compliance risks with ease, speed and automation."

Karen A. Frenkel writes about technology and innovation and lives in New York City.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login Register