Microsoft Azure Blob Leak a Lesson to CISOs about Cloud Security Responsibility

According to vpnMentor, Microsoft misconfigured its own Microsoft Azure Blob (cloud) storage buckets, which housed third-party data, in what appears to be a self-inflicted wound. In consequence, the organization scored its own goal in favor of those attempting to steal intellectual property.

As its researchers discovered, then alerted Microsoft about the discovered misconfiguration, vpnMentor published its timeline and interaction (or lack thereof) with the company. Several organizations whose data was contained in the data bucket were pitching Microsoft Dynamics in the hopes of forming a relationship with the company.

According to the paper, over 100 "pitch boards" and source codes from 10 to 15 companies were revealed. Companies entrusted their ideas and intellectual property to Microsoft as part of their attempt to become a part of the Microsoft Dynamics CRM/ERP ecosystem, and the misconfiguration unwittingly put their ideas and intellectual property at risk.

The shared responsibility model

"We may assume that the shared responsibility model places the burden of properly securing data assets in the hands of the user," the vpnMentor research team says of who bears responsibility for such misconfigurations. Different parties in user organizations can have varying short-term goals and levels of awareness of security concepts. This could result in confidential data being revealed. This can have disastrous effects regardless of the underlying cloud stack."

CISOs should follow the principle of "shared responsibility," which states that the cloud provider is responsible for cloud protection, while the customer is responsible for cloud security. CISOs should emphasize this point to everyone who might be storing data in a cloud storage system that is not under their jurisdiction.

We see cloud storage owners struggle to keep their storage buckets private daily. They often ignore the various layers of access and authentication processes and procedures in place by cloud providers to protect their data. When more of our data moves to the cloud, whether Azure Blob or AWS S3, configuring the environment to limit access to those that don't need to know is becoming standard practice.

The Microsoft error affected 63 gigabytes of data (or 3,800 files) that were generated in 2016. Although this might seem insignificant in 2021, it is the responsibility of the owner of the knowledge to decide its current value.

"In this case, it's difficult to track down who is really to blame," says Michael Quinn, CEO of ActiveCypher (and a former Microsoft executive). Companies face an uphill fight in their attempt to build a stable data supply chain, with external consultants, suppliers, and expanding workforces having access to large swaths of critical data. In recent months, the existing network/ecosystem has been revealed as porous and vulnerable to compromise. However, losing sight of the target (data protection) and doubling down on efforts has only resulted in the same results." He goes on to say that the "real solution" is to secure data at the file level, regardless of where it was created or whether it is at rest, in transit, or external. "[This] will cancel the value of data that has been compromised, even though it has been exfiltrated."


  1. Hmehagorn

    personal essay vs research paper essay on paper boats

  2. SidCeK

    cannahome market alphabay link

  3. DrnnGuant

    essay ikea essay iim

  4. SidCeK

    Spurdomarket market wallstreet market link

  5. AshleyRow

    white house market link cartel market

  6. SidCeK

    cypher market url torrez market url

  7. AshleyRow
  8. SnrnDyep
  9. Fhrfploth

    weird essay topics essay writing sperm

  10. SidCeK

    torrez market link torrez market link

  11. SidCeK

    cannazon link incognito market url

  12. AshleyRow

    archetyp market url Spurdomarket market url

  13. SidCeK

    cannahome market url versus market url

  14. AshleyRow

    world market monopoly market

  15. ArnjSpart

    difference between research paper and personal essay upsc essay paper 2013

  16. Cbsbmyday

    research paper where does thesis go sample thesis of computerized payroll system

  17. AhwbJareneery

    thank you note thesis supervisor lancia thesis recenze

  18. Kgwjhunoto
  19. SidCeK

    wallstreet market url Silkkitie market url

  20. SamuelMot

    tor markets links tor markets links

  21. Maurice Heidgerken

    It's remarkable to visit this site and reading the views of all friends regarding this article, while I am also keen of getting experience.|

  22. Malik Nunnenkamp

    That is really attention-grabbing, You are an overly skilled blogger. I've joined your rss feed and stay up for in search of extra of your fantastic post. Additionally, I've shared your site in my social networks|

  23. Willetta Buschur

    I'm interested in fashion and I want to start a blog but I have no idea where to start or how to get people interested in my blog. Any ideas welcome..

  24. Sammie Garrott

    Hi! I could have sworn I've visited this blog before but after going through many of the articles I realized it's new to me. Nonetheless, I'm definitely happy I found it and I'll be book-marking it and checking back frequently!|

  25. Adrian Simokat

    Very descriptive article, I loved that bit. Will there be a part 2?|

  26. Lindy Mamros

    Admiring the persistence you put into your site and in depth information you offer. It's awesome to come across a blog every once in a while that isn't the same out of date rehashed information. Excellent read! I've saved your site and I'm adding your RSS feeds to my Google account.|

  27. Dia Linman

    What a information of un-ambiguity and preserveness of valuable familiarity regarding unpredicted emotions.|

  28. Douglas Than

    Hi mates, nice piece of writing and pleasant urging commented here, I am in fact enjoying by these.|

  29. Elisabeth Shiflett

    This is really interesting, You're a very skilled blogger. I have joined your feed and look forward to seeking more of your magnificent post. Also, I've shared your website in my social networks!|

  30. Myles Schou

    Hello there! I know this is kind of off topic but I was wondering which blog platform are you using for this website? I'm getting fed up of Wordpress because I've had problems with hackers and I'm looking at alternatives for another platform. I would be awesome if you could point me in the direction of a good platform.|

  31. Lettie Badamo

    Superb post but I was wondering if you could write a litte more on this subject? I'd be very thankful if you could elaborate a little bit more. Thank you!|

  32. Jewel Macvicar

    Article writing is also a excitement, if you be acquainted with then you can write otherwise it is difficult to write.|

  33. Micheline Krajewski

    It's remarkable to go to see this site and reading the views of all mates concerning this paragraph, while I am also zealous of getting experience.|

  34. Lindsay Ralat

    Aw, this was a very good post. Taking a few minutes and actual effort to make a superb article… but what can I say… I put things off a lot and never seem to get nearly anything done.|

  35. Umzug Basel

  36. Tracey Itri

    Hey there! This post couldn't be written any better! Reading this post reminds me of my previous room mate! He always kept talking about this. I will forward this post to him. Pretty sure he will have a good read. Thank you for sharing!|

  37. Velia Yurman

    May I simply say what a comfort to uncover an individual who truly knows what they are discussing on the internet. You certainly understand how to bring a problem to light and make it important. More people have to look at this and understand this side of the story. I was surprised you're not more popular since you definitely have the gift.|

  38. Marcelino Nudelman

    I am extremely inspired together with your writing abilities as neatly as with the format on your weblog. Is this a paid subject matter or did you customize it yourself? Either way keep up the excellent quality writing, it is rare to look a great blog like this one today..|

  39. Louetta Faichtinger

    Keep on writing, great job!|

  40. Jona Goldmann

    Hello! Would you mind if I share your blog with my myspace group? There's a lot of people that I think would really enjoy your content. Please let me know. Thank you|

  41. Lonnie Grantz

    What's up to every one, since I am actually eager of reading this website's post to be updated on a regular basis. It contains fastidious stuff.|

  42. Christopher Kalupa

    Every weekend i used to pay a quick visit this site, as i want enjoyment, as this this site conations genuinely pleasant funny stuff too.|

  43. Rene Resner

    Useful info. Lucky me I discovered your site by accident, and I am shocked why this coincidence did not came about earlier! I bookmarked it.|

  44. Otto Stemmer

    Hi there everybody, here every person is sharing these kinds of familiarity, so it's nice to read this website, and I used to visit this web site daily.|

  45. Drew Garofalo

    Really when someone doesn't be aware of after that its up to other people that they will assist, so here it takes place.|

  46. Javier Roegner

    After exploring a few of the articles on your website, I seriously appreciate your way of blogging. I saved as a favorite it to my bookmark site list and will be checking back soon. Please visit my web site as well and tell me what you think.|


Related recommendation

No related articles!


Microsoft Azure Blob Leak a Lesson to CISOs about Cloud Security Responsibility