Amazon Announces New S3 Encryption and Security Features
In a recent post on the AWS blog, Amazon announced the addition of several new security features to its S3 service. While AWS had offered a variety of security features prior to this update, these new additions can be useful to admins and organizations that are looking for ways to increase the security of the data.
Included in this AWS S3 security update are five new security features:
Default Encryption — Admins can now choose from among three server-side encryption options for Amazon S3 objects, including SSE-S3, SSE-KMS, and SSE-C. Additionally, admins can configure S3 buckets so that every object stored within them must be encrypted. What’s particularly nice about this option is that any unencrypted objects that get added to an S3 bucket, can be automatically encrypted.
Permission Checks — Amazon S3 buckets can now be secured using the same access control list (ACL) technology that’s used when applying Managed Configuration Rules. What’s more is that users can view each bucket’s access control level from within their dashboards. This can be particularly useful for checking permission levels at a glance when there are many S3 buckets on the same account.
Cross-Region Replication ACL Overwrite — When using Cross-Region Replication to copy objects from one bucket to another bucket on a different AWS account, users can now allow full access control list (ACL) access to the owner of the destination bucket. This splits the ownership of the source and destination data amongst the two accounts.
Cross-Region Replication with KMS — When replicating SSE-KMS encrypted objects across AWS regions, it can sometimes be difficult as KMS keys are region-specific. However, users are now able to set the destination key when configuring the replication. This makes it easier to replicate data across regions while ensuring that the data remains encrypted throughout the whole process.
Detailed Inventory Report — Users can now enable daily or weekly S3 inventory reports, enabling them to view information regarding the encryption of objects stored within their S3 buckets.
The above features are now available for use with Amazon’s S3 service. As for pricing, all of them can be enabled for free but it should be noted that users will be charged the standard rates for calls to KMS, S3 storage, S3 requests, and inter-region data transfer.
With many organizations are moving storage infrastructures to the cloud, it is crucial for admins to ensure that they are doing everything within their power to keep both organizational and user data safe. And with new security features like default encryption, secure object replication, and providing automated security inventory reports, Amazon is helping AWS S3 admins to do just that – keep user data secure in an efficient and effective manner.
More in Security
Petri Dish: Cybersecurity vs IT Security with Devolutions
Sep 28, 2022 | Russell Smith
Stop MFA Fatigue with Additional Context and Number Matching for Microsoft Authenticator
Sep 22, 2022 | Rabia Noureen
Researchers Warn About New Shikitega Malware Targeting Linux Endpoints and IoT Devices
Sep 12, 2022 | Rabia Noureen
LastPass Confirms Internal Source Code Compromised in Security Breach
Aug 26, 2022 | Rabia Noureen
Avast Gets New Ransomware Shield to Protect Small Businesses
Aug 24, 2022 | Rabia Noureen
Mandiant Warns Hackers Now Use New Trick to Bypass MFA
Aug 22, 2022 | Rabia Noureen
Most popular on petri