In the constantly evolving landscape of data analytics, the security of software systems is paramount. Recently, a new cyber threat emerged, targeting users of Sisense, a leading business intelligence tool. This attack underscores the need for vigilance and proactive security measures. Here’s an essential guide on the incident and steps to ensure your data remains protected.
Overview of the Sisense Cyber Attack
According to reports, attackers gained unauthorized access to the company's self-hosted Gitlab code repository. This breach led to the theft of several terabytes of data from Sisense's Amazon S3 buckets, including millions of access tokens, email passwords, and SSL certificates.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken an active role in addressing this incident, especially concerning the impact on critical infrastructure sectors. They, along with Sisense, are continually investigating the breach.
Immediate Steps for Sisense Customers
If you are a Sisense customer, it is crucial to act swiftly to secure your accounts and data. Here are the steps recommended by Sangram Dash, the Chief Information Security Officer at Sisense:
General Measures
- Change Your Password: Start by changing all passwords related to your Sisense account.
- Logout All Users: Ensure that all users are logged out by executing the
GET /api/v1/authentication/logout_all
command under an Admin user.
For Non-SSO Users
- Replace Secrets and Reset Passwords: Change the secret in the Base Configuration Security section and reset passwords for all users within the Sisense application.
For Single Sign-On (SSO) Users
- Update SSO Settings: If you use SSO JWT, update
sso.shared_secret
in Sisense and adjust the SSO handler settings accordingly. - Rotate Certificates: It's advised to rotate the x.509 certificate for your SSO SAML identity provider and the client secret if utilizing OpenID.
Additional Security Measures
- Customer Database Credentials: Change any database credentials used within the Sisense application.
- Data Models: Update usernames and passwords in your database connection strings.
- Active Directory/LDAP: Modify credentials used for AD synchronization.
- GIT Authentication: Update HTTP Authentication credentials for all your GIT projects.
- Web Access Token and More: Rotate all web access tokens, infusion app keys, and credentials for any custom email servers.
- Custom Code: Reset secrets found in custom code Notebooks.
Why These Steps are Necessary
Given the nature of the breach, where sensitive data was accessed and potentially exposed, taking these steps is essential to prevent unauthorized access to your systems and data. Resetting credentials and tokens helps ensure that attackers cannot reuse stolen information to gain further access.
DashboardFox Security Practices
At 5000fish, we prioritize the security and trustworthiness of our data analytics platform. Here’s how we ensure our software remains secure and reliable:
- We adhere to strict coding protocols and regularly review our code to reduce security risks.
- Our developers undergo training to stay abreast of current cybersecurity challenges.
- We perform routine security checks, including penetration tests and vulnerability scans.
- Updates and patches are swiftly deployed to rectify any identified security concerns.
- We have strong authentication and authorization systems in place to safeguard access to sensitive information.
- Our use of advanced encryption methods ensures that data is protected both during transmission and while stored.
By taking these measures, we commit to maintaining a secure environment for our data analytics tool, safeguarding our customers’ trust and their valuable data assets.
Looking for an Alternative to Sisense?
If you're considering alternatives to Sisense for your business intelligence needs, DashboardFox is an excellent choice that offers several distinct benefits.
Control Over Your Data: DashboardFox is a self-hosted solution, which means it runs on your own servers. This setup ensures that you have full control over your data storage and security, without the risk of cloud hosting or third-party access. You can also tailor the user interface to reflect your organization’s branding and style.
Cost-Effectiveness: Unlike Sisense, which may require recurring subscription fees, DashboardFox allows for a one-time purchase. This means you can continue using the platform indefinitely without further payment, although an optional annual fee is available for ongoing updates and support.
Rich Feature Set: DashboardFox offers a wealth of features without additional charges. These include robust security tools, a mobile-responsive design, interactive dashboards, and email scheduling capabilities. Integration with existing systems is straightforward, enhancing its utility across your IT landscape.
If you’re interested in exploring what DashboardFox has to offer, our team is ready to assist. Schedule a meeting for a detailed demonstration and discussion about how DashboardFox can meet your business intelligence needs and help transform your data-driven decision-making processes.
Experience the benefits of DashboardFox and elevate your data analytics capabilities.