The intangibility of cloud storage makes it easy to leave the proverbial front door unlocked. This is exactly what happened when a developer at Uber inadvertently included the startup’s Amazon Web Services login credentials in code shared to the open source site GitHub – exposing the private data of 50 million of the platform’s customers.
Unfortunately for businesses large and small, the mistake made is likely no outlier. Jeremiah Grossman, Chief of Security Strategy at SentinelOne, explained in Inc :
“The average piece of software today has to take data from multiple locations and bring it to one spot,” Grossman explains. ”When you’re developing software, your code might have to authenticate to Amazon, or to Facebook, or to many other systems. So developers are including those authentication keys in their source code because the software needs to leverage those credentials.”
So if you’re still in search of your company’s New Year’s resolution, it might be time to review the process for safeguarding the login credentials to your current cloud provider.
