@resist1984 Fair point, but insider threat is a risk which affects all businesses. You can also use standard Public Key Infrastructure to secure data so you don't need to trust Amazon if you're going to use them for storage. In addition, from what I understand the Capital One breach wasn't due to untrustworthy insiders, it was due to a misconfigured Web Application Firewall (ModSecurity) which in turn allowed for Server Side Request Forgery.