BLOG
|

2 min read

Protect Your Amazon S3 Buckets

Blog post featured image

There is no doubt that as each day goes by, more and more data is migrating into cloud storage. The public cloud, or Infrastructure as a Service (IaaS) as some call it, has become the new normal. Out of all the data store service providers out there like Azure Blob Storage and Google Cloud Storage, the largest by far is Amazon Simple Storage Service (Amazon S3). It has gotten so large that AWS acknowledged their store capacity in the excess of exabytes of storage and trillions of objects. Imagine the size of the earth is measured as one gigabyte. Then the size of the sun would be equivalent to an exabyte.  It’s hard to imagine... 

Like with any other platform that becomes popular, it gets the attention of the malicious actors out there. The Black Hat community have attacked all the cloud storage solutions previously mentioned, however the new vector for hackers is the Amazon S3 environment.  

Security in Your Amazon S3 Buckets

Securing these environments is simple on one hand and complex on the other. Following best practices and having a safety procedure in place to protect stored data sounds simple enough. Inherently, the Amazon S3 platform has a robust set of tools to secure it in different ways, the complexity however, and the area most prone to error, is the human judgement in the equation.

There are a variety of opportunities to make mistakes and those mistakes are what hackers are always looking for. Setting up access controls properly, making sure your backups are in the proper place, ensuring that your data is in the right region (data sovereignty) and that you have the appropriate encryption in place all play into keeping your data secure. Yet, with all these tools to keep your data safe, malware and viruses are starting to pop up, causing real harm to companies within the S3 environment.

If your organization allows third parties to upload data to your Amazon S3 buckets as part of a web application workflow, your customers and hackers will have the same access. These files can be infected with malware, computer worms known as ransomware, spyware, adware, trojan horses, keyloggers, rootkits, bootkits, malicious browser helper objects and other software used to do harm. It is a real threat. They can be embedded in familiar files like PDF, JPG, and even XLS and DOC. Adding another layer of protection to your Amazon S3 buckets has become an imperative. Preventing the spread of these malware to your employees, your clients, your vendors needs to be factored in when you are considering your security protocols.

A Cautionary Tale

Not long ago the cloud communications platform-as-a-service (CPaaS) giant Twilio, had a serious security breach. Attackers accessed a misconfigured Amazon S3 bucket and modified the TaskRouter Javascript SDK. This altered Javascript SDK was then shared with its customers. With more than 5 million developers and 150,000 companies using Twilio, you can imagine that it was more than just embarrassing. 

So What Can You do to Play it Really Safe? 

Cloud Storage Security has developed easy to use and easy to deploy antivirus software for Amazon S3 available as a container in AWS Marketplace. You can now protect your data and the data of your clients and stakeholders. Leaving your Amazon S3 world exposed isn’t really an option anymore. 

In most cases, you have migrated proven traditional endpoint security solutions to protect your hybrid and cloud compute infrastructure, however, with cloud applications you must look at all the potential risks across the entire cloud infrastructure. Antivirus for Amazon S3 by Cloud Storage Security will ensure you are protecting the data in your cloud storage and the hidden threats associated with cloud workload leveraging object storage.

Start a trial today and scan 100 GB for free. 

angled bg image

Tired of Reading?

Want to watch something instead?

watch video blog cta image resized