Once again a cloud solution has been hacked, this time Verkada, a fairly new entry into the security arena. Verkada offers a turnkey solution using proprietary hardware and hosted video management solutions for a monthly fee. They aren’t unique to the industry, but they are the most recent to be hacked and be spotlighted in the news.
The key takeaway from the Bloomberg article is something we’ve been telling our clients for a while: Cloud and SaaS solutions typically have a “super-admin” or overall management account access that lets the provider “see” all of their customer’s account and account information. This varies of course depending upon the service provider and the service type, but in general if you don’t own the server, someone else does and has to manage and support the data coming into it and on it.
“A group of hackers say they breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc., gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons and schools.”
We strongly urge to our clients that sensitive data and physical controls should be hosted on premise, and don’t belong in the cloud. This could be devastating for Verkada and other cloud based solutions that are dedicated 100% to SAAS (software as a service) solutions. You can read the full article from Bloomberg here: