Gotta love these kind of news. There’s always these hypothetical discussions of clouds being insecure and companies generally just ignore that, because clouds are theoretically, sometimes cheaper.
And then every now and then, half the internet leaks out of one of these clouds and everyone’s like, holy crap, and then companies go back to generally just ignoring that, because clouds are theoretically, sometimes cheaper.
Unfortunately nobody in charge has seen consequences for their decision to save a few theoretical nickels, so far. But then again, a lot of software/IT related stuff would look completely different, if anybody did.
I do not think anyone belive clouds are cheaper. For a stable workload probably 2x as expecive. Especially when you also count the new finops department you need to know what you are actually paying for in the cloud.
What cloud do give is virtualy infinite capacity, infinite scale out performance, instant availabillity and scaleabillity up to a global presence, no up-front cost, no tear down cost, bragging rights, no long running contracts and api’s for EVERYTHING.
Edit: I did see you write theoretically ;)
Let me add another important point: outsourcing responsibility. In case of a data breach, you have someone to sue and you don’t need a whole internal team to be up to date on the latest security topics. Instead, they just have to be able to manage the web interface (not saying that is easy, just less subject to changes)
Given the average company I believe the cloud being more secure, of course they can shoot themselves d in the foot in the cloud as well but that wouldn’t be the cloud being insecure. The cheaper part… not sure if I would agree, it is more simple and easier to manage than your own physical hardware and all that entails, unless you require very little, that’s for sure.
The exposed data included backups of personal information belonging to Microsoft employees, including passwords for Microsoft services, secret keys, and an archive of over 30,000 internal Microsoft Teams messages originating from 359 Microsoft employees.
In an advisory on Monday by the Microsoft Security Response Center (MSRC) team, Microsoft said that no customer data was exposed, and no other internal services faced jeopardy due to this incident.
Microsoft said that no customer data was exposed
Sure, we’ll just take your word for it, buddies. Cheers. /laughs in Linux
Can, but shouldn’t. I have a work related Teams account, and one where I tried to rent a Windows VM for a consulting job. That’s it though - no private data to get leaked. The work conversations would suck though, but I’ll happily remind my boss et al why using Teams is a shitty idea in the first place.
📎 “It looks like you’re trying to steal terabytes worth of data. Here, let me just give it to you!”
Microsoft said that no customer data was exposed.
Well then, let’s break out the popcorn, this should be fun!
Did Microsoft officially stop caring about security or is this more of a fad, like when everything was tiles for a while?
We gotta give them a reason to care before they will do anything about it. How many companies have suffered major data breaches over the past 5 years with basically no consequences?
Just leave Microsoft
Oh wait, everything depends on windows. Boy we have created a monster
To be fair Microsoft has never cared much about security. See the windows server (a relatively niche os on servers) second entry in this stat: https://www.statista.com/statistics/701020/major-operating-systems-targeted-by-ransomware/.
It is just that nowadays this kind of issues are more in the news because of “russian cyber criminals”, while in the past no one really cared.
Not that I complain… Visibility is actually a good thing
It’s not relatively niche on SMBs though. It’s a major target so it’ll always get hit.
It’s far less common than linux oses… In any type of servers, including data storages. It is THE major target because it is a bad OS, nowadays primarily used by companies that haven’t a good IT for the typical file shares used by tech illiterates easily victims of social engineering attacks. It’s a explosive combination that results in that stat… Practically 100 % of successful ransomware attacks on servers is on windows servers, despite overall being much less used than competitors
