A cloud misconfiguration occurs when you have not configured a cloud-related system, asset, or tool properly. Misconfigurations are one of the most common ways by which digital criminals can gain a foothold into your infrastructure-as-a-service (IaaS) environment. McAfee provided a list of such misconfigurations affecting Amazon Web Services in its “Cloud Native” report: EBS data encryption is not turned on. There’s unrestricted outbound access. Access to resources is not provisioned using IAM roles. Publicly exposed cloud resources.”]
Source: https://www.darkreading.com/cloud/you-re-one-misconfiguration-away-from-a-cloud-based-data-breach