Since the first steps with a recommendation algorithm for other customers, amazon has developed bookers to become one of the big players in the big-data area. However, as a counterweight of any approach to an effective data protection culture, the us group lacks, three earlier driving employees in the it security area declared against the online magazine politico. There are not even the basic prerequisites for adequately protecting the private phrases of users. This was allowed to consequence as a massive consequences as an uncontrollable data drain and could facilitate hackers attacks.
No overview of the data
The warnings come according to the report of two ex-staff in the us as well as one from europe. All three should therefore have been repeatedly tried to alert internally the lead-plane in the headquarters in seattle. But they were pushed aside, dismissed or stamped from the company. According to the main problem, the fact that the online handler puts tens of thousands of teams on big-data analyzes. However, the employees and the spirit of the group are not clearly clear which data templates where they are stored and who have access to it.
For example, in the data protection basic regulation (dsgvo) and now also in the californian counterpart user rights, about information and correction, the company can not comply with the whistleblowers so not. If about a customer his losch claim after the "right to forgotten" wool’s wool, it was almost impossible for amazon to find all the jobs where the personal data were in different systems.
"We have found hundreds of thousands of accounts where employees are no longer there, but still access to the system", does one of the insiders refer to another vulnerability. According to internal security reports from 2016 and 2017, the company indicated to provide only between 55 and 70 percent of its systems with security updates. In an internal memo of 2018, the likelihood of critical financial loss or image damage for the company is considered "very high" integrated, as it was not possible to identify attacks of opponents.
Less data protection than aws
The speech is also the use of an uncertain trial protocol for online payments since 2014. The problem has been fixed after further clues 2016 and 2018. Previously, amazon has successfully operated lobbying in the state standardization body and get paid two years of delay. The group, which has so far been in the criticism, for lack of workers’ protection, should also have set up a special team for the implementation of the specifications only a few weeks before the applicability of the dsgvo in the spring of 2018. Significantly more value liege amazon on it security with his cloud flagship aws. Datene data leaks are usually due to condominium users.