Code Spaces Spaced Out On Data Security
Author: Terry Kurzynski, ISO 27001 Auditor, CISSP, CISA, PCI QSA
The information security community is abuzz with the news of Code Spaces closing its doors after having all of its client’s data erased by an attacker who gained access to their environment. Code Spaces offered their clients a “code repository” service – think Subversion-as-a-Service – and convinced their clients that their code was safe from data loss when stored there. The failure is seen as the first “death” in the cloud. According to Dave Shackleford of Voodoo Security, “This thing is going to be a case study for everybody’s cloud security forever.” (Blevins, 2014) (more…)