BlueXP Blog

Capital One Data Breach: What It Means for Cloud Users

Written by Yifat Perry, Technical Content Manager | Aug 20, 2019 1:32:05 PM

The business world always takes security breaches seriously, so when the news broke that Capital One had been breached, exposing personal data of over 100 million customer accounts, including 140,000 Social Security numbers and 80,000 linked bank accounts, it sent shockwaves through boardrooms around the globe.


More troubling is that this breach involved data that was being stored in the cloud, as Capital One was in the process of a cloud migration that will eliminate all of their physical data centers within the next year. Scenarios such as this are exactly why enterprises were initially so wary of the cloud, and even though AWS, Capital One’s cloud provider, does not seem to be at fault for the breach, those old fears may resurface. As more and more companies transition to an all-cloud strategy, events such as this hack can cause companies to put those plans on hold or decide to shift towards a cloud-first approach that embraces a hybrid cloud architecture, retaining the more sensitive operations on-prem.


What happened at Capital One and how can Cloud Volumes ONTAP users protect their data in the cloud from similar attacks? In this post we’ll take a closer look at the events that took place at Capital One and also give you a map of resources that you can use to make sure your Cloud Volumes ONTAP deployment is secure, including an offer to sign up for our upcoming webinar that will address security.

What the Breach Means for Companies Thinking of Moving to the Cloud

The main implications of the security breach are that a huge amount of customer data was exposed on GitHub and seen by an unknown number of people. Capital One also suffered an immediate hit to its stock price. This is the common fallout after a hack: the financial impacts are real.


But companies have more than just the financial hit from the loss of business and impacted stock prices to worry about. This kind of breach can also have implications when it comes to the growing list of important compliance laws such as the European Union’s General Data Protection Regulation (GDPR) and the powerful California Consumer Privacy Act (CCPA), which comes into effect next year. The fines for not protecting user data at this scale can be catastrophic.


But for those concerned about the safety of the cloud, consider that the exposed data came from misconfigured servers that belonged to Capital One—not through any service provided by AWS. The fault seemed to be human error with the company’s IT team, one that was unfortunately exploited by a malicious actor.


The real takeaway here is that security has to always be a top priority, and the responsibility lies with your IT department as well as with your cloud provider. If your company’s IT landscape has a weakness, there’s a good chance someone is going to find it, whether it’s on-prem or in the cloud. Companies that are deploying in the cloud with Cloud Volumes ONTAP, or those who are considering a move to the cloud with Cloud Volumes ONTAP, should review all their security measures now.

How Cloud Volumes ONTAP Can Help Protect Enterprise Data in the Cloud

Cloud Volumes ONTAP provides a handful of tools that make it possible to keep your data secured in the cloud. These include:


  • Out-of-the-box SMB3+/NFS4.1+ encryption for data in-flight and data at rest.
  • Unique volume XTS-AES-256 key encryption for NetApp Snapshot copies, metadata, and data.
  • Integration with native cloud encryption technologies such as Azure Storage Service Encryption and AWS Key Management Service (KMS).
  • Vscan antivirus technology for on-access and on-demand virus scanning.
  • File share permissions protections, including configurable EXT permissions and support for native NTFS ACLs.
  • NetApp ONTAP FPolicy notifications triggered whenever suspicious file or data activities occur.
  • WORM storage in the cloud and read-only NetApp Snapshot copies to prevent ransomware from destroying or locking you out from your important data.
  • Security groups for network layer security with designated export policy protections.
  • Defined user roles for NetApp Cloud Manager to prevent unauthorized access inside your company.
  • SSO and federated identity credentialing using SAML, ADFS, and OIDC standards.

Additionally, the Cloud Volumes ONTAP HA configurations for AWS and for Azure allow workloads to run in a dual-node structure, so that if an attack takes your application or site down, the secondary node can immediately take over operation.

You can read more about these features in this full blog post on protecting your Cloud Volumes ONTAP deployment. And to find out more, sign up for our upcoming webinar on Cloud Volumes ONTAP security, an important resource for new as well as experienced Cloud Volumes ONTAP users.