Almost every week there is another incident of an Amazon S3 storage bucket being left open for anyone to access. These openings allowed data ranging from personal details of wireless customers to 200 million voter records to be exposed for anyone to see, or take. These exposures are not the fault of Amazon. They usually result from user error. The situation is so bad, Amazon is actually emailing users to let them know certain data sets are exposed. Beyond making sure best practices are followed, what can organizations do?
An S3 bucket is a logical unit of storage on Amazon Web Services (AWS) object storage system, Simple Storage Solution S3. Buckets are used to store objects, which consist of data and metadata describing that data. Typically, these buckets are secured when they are created so that only authenticated users can access them.
But sometimes, especially in initial development of an application, these buckets are left unsecured to make it easier for multiple users to test them. The problem is when the application moves into production, no one remembers to secure the bucket, leaving it open for anyone to gain access.
Protecting the organization from the impact of an open S3 bucket is another benefit of a cloud data preservation platform. If the data preservation software is used in conjunction with the S3 bucket, it will apply its own data encryption to the data stored in that bucket. This means even if the S3 bucket is exposed or left open, the data is unreadable by the accessor.
In addition, the data preservation software will track and alert who is accessing the data and even protect it from bulk erases. As these alerts come in IT can take immediate action to lock down the bucket so that only authenticated individuals can access the data. While nothing replaces the best practices of secure a S3 bucket, having an extra layer of protection to prevent against potential data loss is always a good idea.
Moving data to the cloud is something many organizations are considering. But security concerns continually plague the process. Data preservation solutions not only provide that extra layer of protection, they provide a full audit log on who is accessing cloud-based data.
To learn more about safely and responsibly preserving data in the cloud watch our live webinar, “The Showdown for Data Preservation: Iron Mountain vs. The Cloud”.