Last month World Wrestling Entertainment (WWE), Inc., was hacked and the breach exposed the birthdates, earnings, ethnicity, gender, email addresses, and other private information of more than 3 million users. According to experts, the breach occurred at two open and publicly accessible Amazon Web Services (AWS) “buckets,” or servers that the WWE used to store data.
The point of this post is not that the data breach occurred, it is that Amazon announced that it was not responsible for the hack.
Amazon offers multiple options for securing data through its Web Services Shared Responsibility Model, but those options are (true to definition) optional, and customers are not required to take any safety precautions.
As we explain in our Moving to the Cloud infographic, public cloud (i.e. AWS) services’ infrastructures are secure, but unlike the data protection also provided by private cloud (i.e. Fpweb.net) services, public clouds only protect their platform.
Most public cloud services provide incident response, malware protection, and a range of disaster recover fail-over profiles, but because they operate such a large, automated platform, there is a clear delineation of personalized data management responsibilities being those of the customer and not the provider.
This security gap was exploited by a hacker, an inside bad actor, or even just an inattentive WWE employee who misconfigured the privacy permissions on the company’s information, shifting it from private to public. The breach was detected within hours, WWE locked down the leaked data, and put new measures in place to enhance protection going forward.
Proper information security measures and data compliance processes could have prevented the damage. It’s no longer a matter of if your business will face cyberattackers, but when.
The FBI has surmised that there are two types of companies – those that have been hacked and those that don’t know they’ve been hacked. There are some estimates that the economic damage from cybercrime will top $5 trillion by 2020. That disruption disproportionately affects small to medium-sized businesses, as one in five don’t survive a cyberattack.
Fpweb’s private cloud servers and storage services provide total compliance in a single-tenant computing environment. Each enterprise-class private cloud is powered by VMware or Hyper-V technology, and is rent controlled with an unmetered pricing structure. The result is a more secure, compliant, and supported environment than any public cloud.
You can use Fpweb’s managed security services to safeguard your network and clouds, fill the security gap at your company, and allow your team to focus on your core business. Get the tools and extended team to secure your data and protect your brand now.
By the way, for any creative types out there who enjoyed this post, feel free to submit an illustration that we can add to this post of a big, muscular wrestler with a title belt slung over one shoulder, hands raised in disbelief, standing next to a car with the WWE logo on it and its wheels and stereo missing, parked next to a disclaimer sign with the AWS logo on the top stating that they are not responsible for any damages caused by fire, theft, or any other cause because vehicles or property left there at owners own risk. We’ll credit the image to you and send you some swag!