Amazon Web Services (AWS) continues to advance the capabilities of cloud storage with a range of new features and enhancements, each offering unique benefits to businesses leveraging the AWS platform. Announcements made in December 2024 at AWS re:Invent included Storage Browser for Amazon S3, Queryable Object Metadata, Amazon S3 Tables, FSx Intelligent-Tiering and Physical data transfer terminals. These enhancements reflect AWS’ ongoing innovation in data management and storage optimization.
Cloud Storage Security’s (CSS) mission is to provide comprehensive data security across cloud environments, including malware scanning and event-driven protection to ensure critical data protection. The following is an overview of some of AWS’ key storage advancements and how CSS can enhance security for the AWS customers and end users who use them.
Storage Browser for Amazon S3
This open source UI component allows AWS customers to build web apps that interface directly with S3, which means end users can seamlessly browse, download, upload, and manage files. It’s essentially a portal for employees, customers, and partners to interact with a company’s S3 environment. Because data can be uploaded and downloaded by anyone with access, it is critical that organizations integrate malware scanning with event-based protection on the S3 buckets accessed by this feature. According to the AWS shared responsibility model, AWS manages the infrastructure while customers manage data security. A ‘trust no data’ approach is key to preventing malware intrusion and ransomware attacks. CSS provides advanced malware protection at the storage level to ensure every interaction remains secure and compliant. With CSS, when data is shared or accessed it is clean, and businesses are protected.
Queryable Object Metadata for Amazon S3
CSS already supports querying metadata within the Findings tables in the CSS console, but AWS' new metadata feature (available in preview) enhances that capability by allowing customers to query tags applied by our scanning agent. In doing so, customers won’t have to go into the CSS console to determine what files have already been scanned, have been marked as infected, or are deemed unscannable by CSS. They will be able to easily and efficiently query this information using Apache Iceberg-compatible tools such as Amazon Athena, Amazon QuickSight and Amazon Redshift. With the AWS preview recently underway, we'll be keeping an eye on adoption rates for this use case as it represents a notable enhancement in user quality-of-life and furthers efficient security of cloud storage.
Amazon S3 Tables
Amazon S3 Tables allow customers to store tabular data for analysis with query engines such as Amazon Athena, Amazon Redshift, and Amazon EMR. This is the third type of Amazon S3 bucket (general purpose buckets are the original S3 bucket type and directory buckets were released in late 2023 for use with the S3 Express One Zone storage class). AWS optimizing S3 storage for Apache Iceberg adds a compelling capability and if scanning this type of data for threats is a requirement for your organization, CSS is standing by to simplify and automate the process.
FSx Intelligent-Tiering
Available today for use with Amazon FSx for OpenZFS file systems, FSx Intelligent-Tiering provides three storage tiers: Frequent Access, Infrequent Access, and Archive. AWS customers benefit from cost savings as data automatically moves between the tiers based on when data was last accessed; timeframes include ≤30 days; 30-90 days; ≥90 days. CSS helps organizations meet compliance mandates for scheduled scanning and rescanning of data to protect against newer strains of malware that may have slipped through prior scans undetected. Our engines are regularly updated and an integration with Amazon Bedrock provides a malware content breakdown and remediation suggestions. Support for intelligent-tiering is on CSS’s roadmap; contact us for an update on timing.
Physical AWS Data Transfer Terminals
Looking for a fast and efficient way to upload large volumes of data to the cloud? Consider AWS’ Physical Data Transfer Terminals. Now generally available with locations in New York and Los Angeles (more locations are planned), customers can schedule an appointment to upload and transfer substantial datasets from storage devices like AWS Snowball to AWS cloud storage services like Amazon S3 and EFS. This streamlined process significantly reduces upload times. To complement these high-volume transfers, robust malware protection should be applied to the storage buckets or volumes receiving the ingested data. CSS can scan the data in real time before it arrives or after it’s already in place.
From supporting large-scale data transfers with enhanced data protection to enabling metadata insights that move data security forward and simplifying storage use, AWS is extending the value of cloud environments for its customers.
By integrating CSS malware protection capabilities alongside these advancements, you empower your business to build and manage data in the cloud responsibly, and set the course for more efficient, secure business operations. Click here to start a free trial in AWS Marketplace to enhance security for AWS storage today.
Share:
