Cybersecurity

5934 readers

20 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

kid

[email protected]

106

Disney ditching Slack after massive July data breach (www.bleepingcomputer.com)

submitted 3 months ago by [email protected] to c/cybersecurity

12 comments fedilink hide all child comments

The Walt Disney Company is reportedly ditching Slack after a July data breach exposed over 1TB of confidential messages and files posted to the company's internal communication channels.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 34 points 3 months ago (3 children)

If you are a corporation of that size, you shouldn't be putting all of your critical communication on someone else's servers.

[–] [email protected] 32 points 3 months ago

Ever since cloud became a thing companies of all sizes are filling up other people's servers.

[–] [email protected] 20 points 3 months ago (1 children)

NIH isn't healthy either to be honest. Plus when some service fucks up, you may have legal recourse. If it's your own employees, you can fire them but won't get much money out of them.

[–] [email protected] 7 points 3 months ago (2 children)

Purchase a tool and self host. You can't un-leak data no matter how much money you get.

You are in charge of internal policies and can enforce them.

[–] [email protected] 8 points 3 months ago

Self-hosting isn't some silver bullet. Poorly self-hosted stuff is way less secure than large corporate cloud-based services. There are very few organizations that can successfully craft a secure IT environment for themselves.

[–] [email protected] 4 points 3 months ago

Data can be leaked from self hosted services as well especially if you don't have people with he skillset and management that backs up the security team.

[–] zingo 5 points 3 months ago* (last edited 3 months ago) (2 children)

Correct you are sir.

Have they not heard of selfhosting?

[–] [email protected] 7 points 3 months ago (2 children)

But then you need to pay employees.

[–] [email protected] 3 points 3 months ago

i bet disney will wait for AI admins or sth

[–] [email protected] 2 points 3 months ago* (last edited 3 months ago)

And hire the right people to make it and keep it secure, which isn't cheap.

[–] [email protected] 2 points 3 months ago (1 children)

Slack supports self-hosting. https://api.slack.com/distribution/hosting

[–] [email protected] 8 points 3 months ago

No it doesn't. That link is about self-hosting Slack apps, AKA integrations with the Slack platform. It is not about self-hosting the core service.