Read Aloud the Text Content

This audio was created by Woord's Text to Speech service by content creators from all around the world.

Text Content or SSML code:

5 Defensive Tactics To Prevent Breaches Like Uber Hack Multifactor Authentication Uber attackers were able to remotely access both Uber's GitHub and AWS instances. A time-based soft token, hard token, SMS text message, or card-based token are all effective methods for securing remote logins and preventing remote attackers from accessing sensitive systems. The least Privilege Attackers were able to access Uber's AWS environment and exfiltrate millions of sensitive data records using a single set of administrator credentials obtained from GitHub. By limiting privileges to only what is required, the impact of a single lost account is reduced. Zero Trust The concept of zero trust, with its guiding principle of 'Never Trust, Always Verify,' is making waves in the IT security world. The key feature of this approach is that only authenticated users have access to the data and applications. IAM is very effective with the Zero Trust model, and security is taken to the next level. Cloud Security Monitoring Uber was unaware of the data breach until the attacker contacted them via email and demanded payment. Cloud services, particularly those that host sensitive data, require effective monitoring in order to detect any unauthorized access to sensitive data. Security Controls Risk-based security is the most effective way for businesses to direct their security investment. Businesses can direct investment and effort to the security controls that will provide the greatest risk reduction by conducting an assessment to determine areas of risk.