Catching Configuration Changes that Can Lead to Data Exposure

Amazon’s new security issue, which came to light just days before one of its biggest sale events of the year, is making recent headlines. And whilst it probably won’t stop the online retail giant from achieving a profitable Black Friday and Cyber Monday this year, it certainly will make many users stop and think.

Though it’s still early in the disclosure period, Amazon stated that the incident did not amount to a “breach of its website or any of its systems, but a technical issue that inadvertently posted customer names and email addresses to its website.”

It’s quite possible that this statement will be all that the general public ever gets to know about the incident. Even so, I imagine teams at Amazon were no doubt sitting down in meeting rooms for long conversations about the lessons that are to be learned and how the company can avoid similar headlines.

When I’ve sat in on such meetings in the past, a lot of the conversations for these issues stem not from an outsider threat but from a risk much closer to home – a simple misconfiguration. Whether it was an inadvertent firewall rule or a single typo leaving an access setting left open, human error still remains one of the top risks to an IT organisation’s security.

With Tripwire Enterprise, there are implementations configured to monitor your IT infrastructure for change (including Amazon Web Services). These implementations can make a wealth of data immediately available to all parts of the IT organization. The organization can then use that data to manage both the expected changes and unexpected defects that can detect a breach.

But collecting the data alone doesn’t necessarily facilitate the positive changes needed to reduce these risks. Properly managing the data collected and identifying ways to (Read more...)