Home Cloud Computing AWS Announces New S3 Cloud Storage Security Encryption Features

AWS Announces New S3 Cloud Storage Security Encryption Features

0
AWS Announces New S3 Cloud Storage Security Encryption Features
0
AWS Announces New S3 Cloud Storage Security Encryption Features

Amazon Web Services (AWS) recently announced new Simple Storage Service (S3) encryption and security enhancements including Default Encryption, Permission Checks, Cross-Region Replication ACL Overwrite, Cross-Region Replication with KMS and Detailed Inventory Report. Another recent announcement by AWS is for PrivateLinks endpoints within a Virtual Private Cloud (VPC).

AWS Service Dashboard

Default Encryption

Extending previous security features, now you can mandate all objects stored in a given S3 bucket be encrypted without specifying a bucket policy that rejects non-encrypted objects. There are three server-side encryption (SSE) options for S3 objects including keys managed by S3, AWS KMS and SSE Customer ( SSE-C) managed keys. These options provide more flexibility as well as control for different environments along with increased granularity. Note that encryption can be forced on all objects in a bucket by specifying a bucket encryption configuration. When an unencrypted object is stored in an encrypted bucket, it will inherit the same encryption as the bucket, or, alternately specified by a PUT required.

AWS S3 Buckets

Permission Checks

There is now an indicator on the S3 console dashboard prominently indicating which S3 buckets are publicly accessible. In the above image, some of my AWS S3 buckets are shown including one that is public facing. Note in the image above how there is a notion next to buckets that are open to public.

Read the entire article here, AWS Announces New S3 Cloud Storage Security Encryption Features

Via the fine folks at Greg Schulz.

Categories:
Greg Schulz Greg Schulz is Founder and Sr. Consulting Analyst of independent IT advisory consultancy firm Server StorageIO and UnlimitedIO LLC (e.g. StorageIO®). He has worked in IT for an electrical utility, financial services, and transportation firms in roles ranging from business applications development to systems management, architecture, strategy, performance, and capacity planning. Mr. Schulz is the author of the new book “Software-Defined Data Infrastructure Essentials” (CRC Press). Greg is also the author of the Intel Recommended Reading List books “Cloud and Virtual Data Storage Networking” and “The Green and Virtual Data Center” via CRC Press and “Resilient Storage Networks” (Elsevier). Greg has a new book due out spring 2017 “Software Defined Data Infrastructure Essentials” (CRC) and is also a Microsoft MVP as well as VMware vSAN vExpert.

Share your view, leave a comment below:

Featured Resources:

Related Articles:

| LATEST FEATURED RESOURCES

White Papers

    Application Lifecycle Management with Stratusphere UX – White Paper

    Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]

    Downloads

      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        What’s Going on in EUC Printing – A Technical Deep Dive!

        The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]

        Latest Videos

          deviceTRUST Contextual Security – Use Case (Conditional Access based on Security State) Video

          We show how the status of the security components on the endpoint (firewall, anti-spyware, anti-virus, Windows updates, etc.) can be used to control access to the virtual session. This video is from the fine folks at deviceTRUST.

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Win big $$, visit ITBaller.com for more info!

          Visit Our Sponsors

          Close