back to article Misconfigured Big Data apps are leaking data like sieves

More than a petabyte of data lies exposed online because of weak default settings and other configuration problems involving enterprise technologies. Swiss security firm BinaryEdge found that numerous instances of Redis cache and store archives can be accessed without authentication. Data on more than 39,000 MongoDB NoSQL …

  1. John Smith 19 Gold badge
    Thumb Up

    Interesting idea. Charging companies to find out how stupid their staff have been.

    That just might work.

  2. Uberseehandel

    Few of the MongoDBs I've come across have been secured properly

    MongoDB is embedded in a number of applications. The users of these applications are incapable of reading manuals, so even when they are directed to instructions for securing the DB, they do nothing.

    The people who write the software that controls the equipment that the users bought don't know anything about databases, they tend to be electrical and electronics engineers, who regard software as a necessary evil. They are also so insular, I'm not sure they really appreciate the need for security.

    I regularly sort out MongoDB security (its not difficult), upgrade it from 32 to 64-bit (equipment engineers don't do this), and link it to Pentaho for reporting purposes. I must have explained how to do this upwards of 100 people, despite being "professionals", not one of them has been capable doing the same. From their point of view they just want kit that works. Sometimes I think that free Open Source software is the most expensive you can buy.

    I enjoy this view of MongoDB - https://www.youtube.com/watch?v=b2F-DItXtZs

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020