One frequent selling point for cloud solutions is that WE the hired-hand storage experts can take better care of your precious data than you can. I sense Death of a Salesman...
. . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-543-6132 Office ⇐=== NEW robin...@sce.com -----Original Message----- From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of Clark Morris Sent: Wednesday, July 31, 2019 8:51 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: (External):Re: Capital One Data Breach-100 Million Customers affected [Default] On 31 Jul 2019 06:58:19 -0700, in bit.listserv.ibm-main jcew...@acm.org (Joel C. Ewing) wrote: >And I noticed a reprinted Washington Post article in my local paper >today "Bank data stolen despite cloud push", which clearly indicates >bank management had the perception that somehow removing data from >Capital One's direct physical control to Amazon Web Services on the >cloud would "improve" security rather than just add different paths for >attack. Can't help but wonder if this move to "cut back" on Capital >One's data centers also involved laying off the people that might have >been smart enough to configure their firewall correctly and avoid the >breach. Since configuration problems have hit the mainframe, I suspect that platform didn't matter. I am beginning to believe that the most secure platform is the one where it is easiest (and mostly by default) to secure to the limits of the platform. Since this isn't a set and forget issue, good practices need to be in place so that ex-employees don't have access. Why was the person accused of the breach able to access the cloud? Did she need credentials in order to get by the improperly configured firewall? I suspect that all companies need an HR application that causes review of an employee's/contractor's access every time they change position and when their employment is terminated. Clark Morris > Joel C Ewing > >On 7/31/19 8:32 AM, Bill Johnson wrote: >> She breached an incorrectly configured firewall. >> >> >> Sent from Yahoo Mail for iPhone >> >> >> On Tuesday, July 30, 2019, 7:48 PM, Edward Finnell >> <0000000248cce9f3-dmarc-requ...@listserv.ua.edu> wrote: >> >> https://www.usatoday.com/story/money/2019/07/29/capital-one-data-brea >> ch-2019-millions-affected-new-breach/1863259001/ >> >> A CLOUDy day in data processing. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN