Skip to content

Cloud Misconfigurations: A Surging but Overlooked Threat

cloud misconfigurations

Enterprises are migrating their workloads to the cloud with the promise of lower costs, increased agility, and greater flexibility. But misconfigured cloud services are a fast-growing source of data breaches. Ameesh Divatia, co-founder and CEO of Baffle, shares some best practices to secure the data analytics pipeline and improve encryption techniques.

Misconfigured cloud services are one of the fastest-growing sources of data breaches today. The statistics are astounding. Misconfigured cloud databases are attacked 18 times per day and within only hours of coming online. And the latest Verizon Data Breach Investigations Report found more than 40% of all error-related breaches involved misconfigurations.

Last year’s massive Capital One breach is an example of the latter to the tune of 100 million exposed customers. At the time, CapitalOne said they “fixed the configuration vulnerability.” But, as it turned out, someone had already stolen the data out of the AWS S3 buckets. And the company now faces an $80 million fine for “failing at security in the cloud.” This incident clearly illustrates that identifying issues after the data is stolen is of no use.

(Link to the Article)

Join our newsletter

Schedule a Demo with the Baffle team

Meet with Baffle team to ask questions and find out how Baffle can protect your sensitive data.


No application code modification required


Deploy in hours not weeks


One solution for masking, tokenization, and encryption


AES cryptographic protection


No impact to user experience