Twitch Data Loss Shows the Time for Data Governance is NOW

We have all probably heard about the recent news on the Twitch data breach.  Yes, it is a huge deal, and the hack has received a ton of press.  

But I am amazed that the thing people are focusing on most is how much money the top streamers are making on a monthly or yearly basis. 

Sensitive Data & Source Code Leaked at Scale

The fact that a platform that has well over 100 million views a month and is owned by an industry giant named after a river had this event.  I mean come on people we are missing the boat on this one. 

I 100% support free enterprise but the fact that this event happened due to a server misconfiguration should be the focus. This simple mistake allowed sensitive data and source code to leave the virtual building at a massive scale.

Here is a direct quote from Twitch on their news page:

 As we said previously, the incident was a result of a server configuration change that allowed improper access by an unauthorized third party. Our team took action to fix the configuration issue and secure our systems.”

This short paragraph brings up two major topics.  

The first one is that a properly configured system does not always stay properly configured. There are a million things that could happen that could result in an unforeseen configuration change but it usually goes back to human error. 

The second is that you do not always know what third-party system your applications are connected to.  If you think you have complete visibility into your systems, you are kidding yourself. You may know today but what about tomorrow? 

These two issues map directly to the concept of drift, something changed and nobody knew about it.

Data Governance isn’t optional for CI/CD

With aggressive CI/CD pipelines change is constant.  Whether the changes are configuration, infrastructure, or code the threat of a mistake is real. 

Don’t just look for the known issues be aware of what potential issues may exist after a simple configuration change.  Managing data governance should be a continuous process not something you do a few times a year.

Final Analogy

It is widely known that one of the major reasons the Titanic hit the iceberg in 1912 and sunk was the need for speed.  The ship was going way too fast in the dangerous iceberg-filled waters. The reason for this speed was to impress the world with how amazing this technologically advanced ship was. When an iceberg was spotted it could not stop in time.  

Don’t let your CI/CD pipeline go so fast that you can’t see the virtual iceberg in front of you.

Did you find this blog helpful or interesting?

Click the social media button of your choice to share the blog with you friends and colleagues.

See a Live Demo of the Bionic Platform