Stumbled across this interesting link today regarding Microsoft Office 365, http://adallom.com/blog/severe-office-365-token-disclosure-vulnerability-research-and-analysis/
Its expected that all software has inherent flaws as its impossible to code for every possibility without many iterations. The scary aspect of this problem though is that as organisations move towards Cloud based solutions for storing business critical and sensitive data, the likelihood of data being stolen increases dramatically.
The ‘Old World’ corporation stored data within their own organisational boundaries, this in itself added a ‘castle wall’ where a hacker had to get past the corporate firewall before security could be breached. even exploiting a credential did not necessarily mean a hacker had access to any data.
Vulnerabilities will continue to be found and exploited of many years to come (just look at patches for the software and OS versions we all use everyday) and possibly there is a case for storing sensitive intellectual property within the companies walls.
Leave a Reply