To recap: the personal information of millions of consumers has been exposed in yet another security compromise, this time at eBay.
eBay’s public statements informed us that a “small number of employee login credentials” were compromised, “allowing unauthorized access to eBay’s corporate network.” They also disclosed that the database that was compromised included customer names, passwords (encrypted), email addresses, physical addresses, phone numbers, and date of birth – affecting up to 145 million eBay users.
My own first take on the eBay incident was strike one (for continued reliance on passwords for corporate employees), strike two (for lacking capabilities for rapid detection and incident response), and strike three (for public communications that have been heavily focused on password resets, but completely silent on the massive identity theft problem they just created for 145 million users).
But there’s at least one more point that should be made – which is that servers (of whatever type, and wherever they may be located) will always be a prime target for attackers:
- In my own research, an analysis of some 325 organizations found that 85% of common enterprise applications are still running within enterprise-managed datacenters and server rooms (as opposed to in the public cloud)
- The IBM X-Force Threat Intelligence Quarterly, 1Q 2014 notes that “attackers are increasingly going after central, strategic targets as a means to optimize their efforts and increase their return on exploit”
- In the Verizon Business 2014 Data Breach Investigations Report, a five-year analysis of the percentage of breaches by type of asset shows that “servers have typically been on top, probably because attackers know that’s where the data is stored”
That last point is reminiscent of that old line from the Depression-era bank robber, Willie Sutton.
So it’s also worth re-examining the processes and technologies in place for datacenter security – that is, for keeping your organization’s datacenter (both physical servers, and virtual servers) secure, compliant and well-managed.
In an era of supporting greater complexity and scale with the same or fewer resources, both operational efficiency and effective security are essential. Chasing after a complex and dynamic datacenter infrastructure manually is subject to error, and chews up valuable time and resources. At the same time, an inability to keep up with essential updates and configurations – which may even lead to simply choosing to ignore the risks, in favor of meeting other business objectives – can end up costing even more as a result of successful exploits, as in the example of eBay.
Fortunately, there are proven, purpose-built security solutions designed to:
- Provide the visibility and control needed to deploy workloads flexibly, across a range of physical and virtual server scenarios
- Optimize operational efficiency, through higher levels of automation
- Ensure that server updates and configurations are in continuous compliance with corporate policies
- Help find and fix problems quickly, when they do occur
Yes, we consumers should change our passwords – but at the same time, please secure our personal information on your servers!