Cyber security news for all

More

    Configuration Of S3 Buckets At Amazon Web Services

    If the new IT employee suggests installing a publicly accessible web server on your central file server, consider separating from it. If he now rejects this idea and instead intends to move the reports from your highly sensitive data warehouse to your web server, he should definitely be fired.

    Amazon S3

    Data Breaches That Come From S3 Buckets

    But in today’s cloud world, not everything is always so clear. There are services like Amazon’s S3 that take on multiple, often overlapping roles in an application stack, and where your sensitive files are often just a click away from being published online. Cloud storage services today can do more than just keep a file in one place. They often act as both inputs and outputs for more complex process chains. The end result of all of this is the current flood of serious data breaches that result from S3 buckets.

    Enable S3 Logging

    By default, S3 does not maintain access logs for objects  in a bucket. You can specify per bucket that access logs are written for another S3 bucket. If you regularly check the access, you have a better overview of whether and how your data is retrieved from an unknown location or how and when an outflow occurred in the event of data misuse.

    Limit Access To S3

    It is important to know that S3 buckets are already configured securely by default. S3 buckets can only be used internally until either policies or permissions are changed that allow public access. AWS provides the buckets and the objects stored in them with a hierarchically structured system of access authorizations, which is called the object key. It also applies to the objects in the individual folders. By default, only the owner of an account and the creator of a resource have access to a bucket and its object keys.

    So there are many ways to secure and monitor your S3 buckets within AWS. But they also have to be used. Only if the employees are responsible for setting up the cloud, maintenance and know how to secure it; you can use all of these functions and can provide comprehensive protection for the S3 buckets.

    Recent Articles

    Maze leaks data on its own platform

    The Maze ransomware has been up to almost a year and a half. This week, security experts warned about the actions of the cyber...

    Emotet to spread the malware behind email archives

    If you find an attached pack to an email these days, you should be particularly careful: the highly developed malware Emotet could be lurking...

    500,000 Activision accounts have been leaked

    Activision has taken a position on the alleged leak. According to the publisher, there has never been a data leak. In some cases it is...

    Judge issues injunction against WeChat

    The US government wanted to take action against the app WeChat. A judge stood sideways. The app should disappear from the platforms in the...

    Mail provider Tutanota becomes target of cyber attacks

    Over the weekend, ongoing DDoS attacks and an infrastructure problem resulted in downtime for hundreds of users. While some were able to mitigate most...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox