Another Single Point of Failure (SPOF) breach was announced that leaked 38 million records from many companies who used the Microsoft Power Apps. If you read about the vulnerability, you will find that the software only had one layer of security and that one point of weakness was easy to bypass. This is a failure for Microsoft and for the large companies that were supposed to research products and services before using them. There is such a race in industry to launch a product that we have seen both cybersecurity and safety neglected.

So how do we fix the problem? Companies, today need to start the process to become NIST CSF certified. Then they will have the policies, procedures, training, execution, and verification to eliminate SPOF systems. Microsoft developed the tool, but it was another organization that caught the flaw. In truest terms, we need more trained individuals in the Supply Chain to test products and services for cybersecurity failures. Many Ohio and US companies are on the sidelines and do not have cyber capabilities. But with the NIST CSF, we can begin today to change that stance.

TechR2’s data security systems use multiple layers of data security and meet the requirements of the Zero Trust Security Model.

Related article: Microsoft Power Apps misconfiguration exposes 38 million data records | ZDNet