Shadow data is the largest threat to your data security that you don’t even know about. There is nothing that is growing faster in the cloud than data.
It only takes one developer to leave an S3 bucket with user data open, or to leave a redundant copy of data out there after a cloud migration. The result is shadow data that’s just lying around. Worst of all, it doesn’t even take an elite hacker to find it. Automated scans run everywhere on the internet, constantly looking for weaknesses or opportunities to find this “shadow data.”
According to the Flexera 2021 State of the Cloud Report, 92% of enterprises today have a multi-cloud strategy, 82% of which have embraced a hybrid approach. This leaves an open invitation for shadow data to accumulate, because these environments are so difficult to monitor effectively. There are many risks to not having visibility over all of your cloud data, especially shadow data. Here are a few: (1) you don’t know what sensitive data you have or where it is located in your cloud environments, (2) the HUGE reputational damage you may face resulting from an unsophisticated attack, perhaps from an attacker that is just looking to make headlines to increase their reputation at your expense, (3) the millions you spent on your security program could be a waste because someone made a misconfiguration error and data was left out there without proper security controls, and (4) those dreaded, four-letter words (acronyms) GDPR, CCPA, CPRA…a.k.a., the regulatory liability of your data being discovered.
Got your attention now?
The first step to combatting this pesky thing called “shadow data” and significantly reducing your organization’s security risk starts with acknowledging and understanding this shadow data. Unmanaged data stores and shadow data are a natural byproduct of the race to the cloud. But with proactive planning there are ways to ensure visibility and protection of this data in all the places it may be hiding.
However, not all solutions for combatting shadow data are created equal. When you evaluate cloud data monitoring solutions, look first for ones that discover and classify all data, including shadow data, continuously for complete visibility. It’s also important to find a solution that will secure and control data to detect leaks and remediate without interrupting data flow, automatically improving your risk posture. Be sure to look into platforms that can scan your entire cloud account and automatically detect all data stores and assets, not just the known ones. This data observability gives you a deeper understanding of where your shadow data stores are and who owns them, leading to a secure environment and the ability to thrive in a fast-paced, cloud-first world.
Headed to Black Hat USA?
If you are interested in a deeper and more holistic understanding of cloud data security, we have three top briefing session picks at Black Hat USA, compliments of our head of solution engineering, Jon Tobin. Check them out!
Backdooring and Hijacking Azure AD Accounts by Abusing External Identities
Speaker: Dirk-jan Mollema, Security Researcher at Outsider Security
Tracks: Cloud & Platform Security, Enterprise Security
This briefing session is relevant to cloud security. In particular, it will give insights into the cloud access and permissions that allow attacks to exist in Azure AD. The session will also provide solutions to harden against these attacks and to detect abuse of the underlying technicalities. Find out more here.
IAM The One Who Knocks
Speakers:
- Igal Gofman, Head of Security Research at Ermetic
- Noam Dahan, Research Lead at Ermetic
Tracks: Enterprise Security, Cloud & Platform Security
An interesting session about managing identities and access in multi-cloud environments to reduce the attack surface in enterprise cloud environments. It promises to supply actionable steps “anyone can follow”, along with a comparison of the three primary cloud services: AWS, Azure, and GCP. Be sure to check it out. You can find more information on the briefing session here.
Better Privacy Through Offense: How To Build a Privacy Red Team
Speaker: Scott Tenaglia, Engineering Manager at Privacy Red Team, Meta
Tracks: Privacy, Lessons Learned
Privacy red teams are an important component of a holistic cyber security program because they test how well the program stands up to threats from real adversaries. If you are looking for a deep dive into privacy, this is a great briefing session to check out. You will learn what a privacy red team is, the challenges they face, and examples of real-world operations performed by the Meta privacy team. Learn more about this session here.
Meet us here
The Laminar Security team is going to be at Black Hat in full force, and we’d love to meet you to learn about your cloud data security challenges, including shadow data, and how we can partner with you to solve them. Stop by to find out why Laminar is providing cloud data security at the speed of cloud.
Laminar Booth #2500
Mandalay Bay, Las Vegas, NV
If you liked what you saw here, then be sure to share with your co-workers and friends because we want to hear from you! Follow us on Twitter @laminarsec or find us on LinkedIn. Don’t forget to @mention us and #blackhat or #blackhat22 when spreading the word!