存储架构

Salesforce? Salesfarce: Cloud giant in multi-hour meltdown after database blunder grants us…

微信扫一扫,分享到朋友圈

Salesforce? Salesfarce: Cloud giant in multi-hour meltdown after database blunder grants us…
0

Salesforce customers have been unable to access the service since 0956 PDT (1656 UTC) on Friday, thanks to a ham-handed database deployment.

Shortly thereafter, the cloud CRM biz said that it’s looking into an issue linked to current or past users of its Pardot B2B marketing automation system.

It seems the US tech giant granted Pardot customers access privileges they should not have, which is to say access to everything. As was observed on Reddit
, "One of our projects had all its profiles modified to enable modify all, allowing all users access to all data."

To deal with the mess, Salesforce’s IT team has denied all access to more than 100 cloud instances that host Pardot users, shutting out everyone else using those servers at the same time.

"The deployment of a database script resulted in granting users broader data access than intended," Salesforce said in a note
posted at 1033 PDT (1733 UTC). "To protect our customers, we have blocked access to all instances that contain affected customers until we can complete the removal of the inadvertent permissions in the affected customer orgs."

Salesforce says customers with no ties to Pardot may experience service disruption. The biz insists it’s working to restore things as quickly as it can.

Social media of course has risen to the occasion with a litany of complaints. Some people report that their entire company has ended the week early
and gone
home
on account of the cloud service outage.

Via Twitter, Salesforce CTO and co-founder Patrick Harris apologized for the screwup.

To all of our @salesforce
customers, please be aware that we are experiencing a major issue with our service and apologize for the impact it is having on you. Please know that we have all hands on this issue and are resolving as quickly as possible.

— Parker Harris (@parkerharris) May 17, 2019

In a statement emailed to The Register
, Balaji Parimi, CEO of security biz CloudKnox, cautioned that companies need to understand over-provisioned privileges represent a more likely threat than external attacks or insider threats.

"Security teams need to make sure that privileges with massive powers are restricted to a small number of properly trained personnel," he said. "Until companies better understand which identities have the privileges that can lead to these types of accidents and proactively manage those privileges to minimize their risk exposure, they’ll be vulnerable to devastating incidents like the one we’re seeing with Salesforce right now."

The Register
asked Salesforce to comment but we’ve not heard back. No doubt they’re rather busy at the moment. ®

阅读原文...


微信扫一扫,分享到朋友圈

Salesforce? Salesfarce: Cloud giant in multi-hour meltdown after database blunder grants us…
0

The Register

Checked input radio launch color transition in div (only css)

上一篇

Q&A: Adobe puts AI, machine learning to work for small business

下一篇

评论已经被关闭。

插入图片

热门分类

往期推荐

Salesforce? Salesfarce: Cloud giant in multi-hour meltdown after database blunder grants us…

长按储存图像,分享给朋友