How to Secure AWS Storage Buckets

Amazon is responsible for securing its cloud. Your security inside its cloud is on you.

Maria Korolov

October 4, 2018

1 Min Read
Storage array

For businesses with data to store, Amazon Web Services can be great. The cloud provider’s S3 storage buckets are relatively inexpensive, can spin up and down quickly, scale easily, and are backed up and secured by Amazon itself, making them easy to manage.

But the ease of management and deployment is a double-edged sword. If the access credentials leak, or the buckets are set to public access, the data becomes accessible to anyone in the world.

This isn't just a theoretical threat. Last year, Accenture accidentally allowed public access to a database containing 40,000 passwords and other client credentials stored in S3 buckets. Other companies that left their buckets open to the public included Dow Jones, Verizon, and military intelligence agency INSCOM. Uber stored personal information on 57 million users on Amazon, hackers got in, and the ride-hailing company ended up paying off the hackers to hide news of the leak.

Cloud security company RedLock recently found 250 organizations leaking credentials to their cloud AWS environments.

In fact, according to a report by RedLock, 53 percent of organizations that use cloud storage services like Amazon S3 have accidentally exposed at least one such service to the public.

To read the rest of this article, please fill out the form below:

Related:The Huge Security Threat of Misconfigured Cloud and How to Fix It

About the Author(s)

Maria Korolov

Maria Korolov is an award-winning technology journalist who covers cybersecurity, AI, and extended reality. She also writes science fiction.

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like