A Technical Deep Dive Into Shadow Data

Logo
Presented by

Dan Eldad, VP Data, Laminar

About this talk

Shadow IT”, which refers to technology projects or data stores that operate outside the governance and oversight of your corporate IT, has now evolved into a more menacing threat known as “shadow data" in the era of multi-cloud architectures. This “shadow data” refers to company data that is copied, backed up, or stored in data stores that lack proper governance and security oversight, making it a significant vulnerability for organizations. As a result, well-known companies like Twitter and SEGA Europe have fallen victim to shadow data breaches, highlighting the critical need for understanding and mitigating this threat. In this briefing, we will delve into the inadvertent creation of shadow data in various examples, including S3 buckets, RDS Postgres instances, and EBS volumes. We’ll explain how these issues can occur in any cloud environment, provide insights on how to avoid them, and offer strategies for remediating
Related topics:

More from this channel

Upcoming talks (2)
On-demand talks (353)
Subscribers (36739)
ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.