Forrester Research
for Forrester
| November 4, 2021
| Topic: Cloud
As frontline cyber defenders scramble to respond to the Azure Cosmos DB vulnerability disclosed in August, enterprise risk management (ERM) professionals are considering the implications for compliance in the cloud.
See: Azure Cosmos DB alert: This critical vulnerability puts users at risk
The latest cloud compliance conundrum emerged in early September, when security researchers discovered that Cosmos DB had a backdoor for the past two years that created the potential for any user to steal the access keys of any other user. The flaw was based in an auxiliary notebook designed for ease of use. Microsoft turned on that feature for all Cosmos DB users in early 2021 — whether they wanted it or not. The problem was that the tool made it easy to access other customers’ data, too. All of it.
Digital Transformation
|
Data Centers
|
CXO
|
Innovation
|
Storage
|
Cloud TV