Three Cs to secure against leaks like Capital One

It was
revealed today that about 100 Million records were leaked from Capital One and because the press has published
court documents pertaining to this case, at least some details are known. According to that, data was stored in cloud storage buckets it was accessible using a service account from a compute instance that itself had a misconfigured firewall, allowing a hacker to connect to the VM and transfer, extricate data from the bucket. While it is always easy to see mistakes in hindsight, I also reflected about what we have been doing to protect our customer's data in the cloud.