Heron introduces a new Security Configuration & Data Compliance Assessment Service to help organisations discover misconfigurations and exposures on monitored endpoints, as well as mishandling of sensitive data, that would pose significant risks. The assessment will be free for Singapore companies with over 50 employees for a limited time period.
A security misconfiguration occurs when system or application configuration settings are missing or erroneously implemented, allowing unauthorized access. Common security misconfigurations arise from leaving default settings unchanged, from erroneous configuration changes, or from other technical issues. They can occur in applications, cloud infrastructure, networks and elsewhere. Misconfigurations are widely regarded as the top cloud vulnerability.
There have been numerous cyber attacks in recent years in which security misconfiguration was the primary cause. In 2021, Nissan, a Japanese multinational automobile manufacturer, had some source code leaked online due to the misconfiguration of a company Git server. Earlier, in May 2020, Mercedes-Benz experienced a similar breach. The Atlassian JIRA data exposure incident in 2019 was one of the most significant exploits of a misconfiguration. Another example of an incident caused by excess privileges was Shopify’s 2020 breach.
Data breaches are also increasingly damaging to companies because of expanding data privacy laws, financial penalties and consumer activism. Companies in Singapore can now be fined up to S$1M, or 10% of annual revenue if the annual turnover exceeds S$10M. In 2021, 104 Singapore companies were fined a total of S$2.68M, before the increased fine framework was introduced in October 2022. Companies that collect or process the personal data of EU residents must also comply with the regulations set forth by the GDPR. GDPR fines are much more severe – depending on the severity of the infringement, they can be up to 4% of annual worldwide revenue or €20 million, whichever is greater.
Heron’s new service will help companies prevent attacks caused by security misconfiguration and avoid punitive measures under the PDPA and GDPR. The service will also support companies aiming for MAS TRM, ISO 27001, HIPAA and other compliance and regulatory requirements.
More details of this service are available in the brochure.