Security Analyst – Jeff Soehner CISSP, GXPN,GPYC,GMOB,GCIH

A financial startup (known as a fintech) has put almost half a terrabyte of data in a cloud based storage for use in a mobile app.

Security specialist with concerns for the inevitable future of OpenAPI for banking have been screaming about this nightmare for years. What do we do for the 100s of 1000s of people who have now lost their financial data?

Steps should be taken to encrypt this data at rest to address this very situation WHEN it happens and not allow the use of data by fintechs without these controls. Allowing banks to encrypt all data before it is shared and sharing the keys to registered companies may be the only sure way to prevent this in the future.

https://www.infosecurity-magazine.com/news/cloud-leak-exposes-425gb-financial/

So you thought that when all the source code was available for everyone to see, you would have a better chance of finding bugs right?

It turns out that just because everyone can read it, that doesn’t mean anyone will do anything about it? I mean, this software is created by volunteers, modified by volunteers and used by anyone who wants to use it. Who said anything about making sure it was secure?

A titan in the world of management and a hero to us all.

Forbes: Jack Welch, Former General Electric CEO And Chairman, Dies At 84. https://www.forbes.com/sites/lisettevoytko/2020/03/02/jack-welch-former-general-electric-ceo-and-chairman-dies-at-84/