this post was submitted on 21 Sep 2024

105 points (99.1% liked)

Cybersecurity

5687 readers

30 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

105

Disney ditching Slack after massive July data breach (www.bleepingcomputer.com)

submitted 1 month ago by BrikoX@lemmy.zip to c/cybersecurity@sh.itjust.works

12 comments fedilink hide all child comments

The Walt Disney Company is reportedly ditching Slack after a July data breach exposed over 1TB of confidential messages and files posted to the company's internal communication channels.

top 12 comments

sorted by: hot top controversial new old

[–] mipadaitu@lemmy.world 34 points 1 month ago (3 children)

If you are a corporation of that size, you shouldn't be putting all of your critical communication on someone else's servers.

[–] Twinklebreeze@lemmy.world 32 points 1 month ago

Ever since cloud became a thing companies of all sizes are filling up other people's servers.

[–] boonhet@lemm.ee 20 points 1 month ago (1 children)

NIH isn't healthy either to be honest. Plus when some service fucks up, you may have legal recourse. If it's your own employees, you can fire them but won't get much money out of them.

[–] mipadaitu@lemmy.world 7 points 1 month ago (2 children)

Purchase a tool and self host. You can't un-leak data no matter how much money you get.

You are in charge of internal policies and can enforce them.

[–] Benjaben@lemmy.world 8 points 1 month ago

Self-hosting isn't some silver bullet. Poorly self-hosted stuff is way less secure than large corporate cloud-based services. There are very few organizations that can successfully craft a secure IT environment for themselves.

[–] femtech@midwest.social 4 points 1 month ago

Data can be leaked from self hosted services as well especially if you don't have people with he skillset and management that backs up the security team.

[–] zingo@sh.itjust.works 5 points 1 month ago* (last edited 1 month ago) (2 children)

Correct you are sir.

Have they not heard of selfhosting?

[–] floofloof@lemmy.ca 7 points 1 month ago (2 children)

But then you need to pay employees.

[–] yournamehere@lemm.ee 3 points 1 month ago

i bet disney will wait for AI admins or sth

[–] mp3@lemmy.ca 2 points 1 month ago* (last edited 1 month ago)

And hire the right people to make it and keep it secure, which isn't cheap.

[–] OhNoMoreLemmy@lemmy.ml 2 points 1 month ago (1 children)

Slack supports self-hosting. https://api.slack.com/distribution/hosting

[–] plz1@lemmy.world 8 points 1 month ago

No it doesn't. That link is about self-hosting Slack apps, AKA integrations with the Slack platform. It is not about self-hosting the core service.