Misconfiguration

In computing, misconfiguration occurs when an IT system, asset, or tool is set up incorrectly, leaving it vulnerable to malicious activity and jeopardizing the security of data. This is a leading cause of data breaches, chiefly when leveraged in critical application and data assets.

With the growing use of hybrid data centers and cloud environments and complexity of applications, operating systems and frameworks, misconfiguration is more prevalent and harder to prevent.

Examples of misconfiguration include:

  • VPC flow logs are disabled
  • Unused security groups are discovered 
  • EC2 security group port or inbound access is misconfigured
  • Access to resources is not equipped using IAM roles
  • Outbound access is unrestricted
  • EBS data encryption is not turned on
  • S3 bucket encryption is not turned on
  • A server that exposes too much information to users, particularly on the web

Preventing misconfigurations

Ways to prevent security misconfigurations include keeping software up to date, disabling default accounts, encrypting data, enforcing strong access controls, running security scanners, and performing regular system audits.

It’s important to prevent or fix a misconfiguration because it’s one of the most common ways hackers gain access to an environment. They do this by stealing or using weak credentials to enter as a legitimate user or exploiting an unpatched vulnerability that’s deployed in the environment. From there, malicious parties can target other parts of the system.

Webopedia Staff
Webopedia Staff
Since 1995, more than 100 tech experts and researchers have kept Webopedia’s definitions, articles, and study guides up to date. For more information on current editorial staff, please visit our About page.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Virtual Private Network (VPN)

A virtual private network (VPN) encrypts a device's Internet access through a secure server. It is most frequently used for remote employees accessing a...

Gantt Chart

A Gantt chart is a type of bar chart that illustrates a project schedule and shows the dependency between tasks and the current schedule...

Input Sanitization

Input sanitization is a cybersecurity measure of checking, cleaning, and filtering data inputs from users, APIs, and web services of any unwanted characters and...

IT Asset Management Software

IT asset management software (ITAM software) is an application for organizing, recording, and tracking all of an organization s hardware and software assets throughout...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...