NSA provides cloud security policies that are triggered by Azure errors
As organizations struggle to mitigate cloud vulnerabilities, the National Security Agency has taken initiatives and released new policies to reduce cloud vulnerabilities.
In recent years, major cloud service providers such as Amazon Web Services and Microsoft Azure have been unable to avoid data breaches on their respective platforms. The NSA has made it its mission to direct users in the use of the platform.
Incorrect configuration is a major issue for users who move applications and data to the cloud, but other issues such as unauthorized access control, shared tenant vulnerabilities, and supply chain vulnerabilities NSA vulnerability is highlighted in the disclosure report, which requires damage mitigation guidance for immediate notes.
“To mitigate cloud risk, you need to be fully aware of the threats and vulnerabilities that exist. Because cloud platforms offer a variety of security benefits than on-premises technology environments, including the automation of security processes, customers need to understand that they share responsibility for protection with CSPs. apps and data in the cloud,” the report concludes.
As the adoption of cloud resources increases among enterprise users, the NSA seems to have taken the initiative to play a more proactive role in providing appropriate guidance for cloud or enterprise security.
Note: In January this year, Microsoft revealed that more than 250 million customer service and support accounts have been released to Azure due to data breaches due to misconfigurations. There are reports that hackers can access the data with web browsers because the data remains unprotected with passwords or all types of encryption.
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.