Protect your Amazon S3 buckets

In Amazon S3 Security, Malware, Object Storage by admin

There is no doubt that as each day goes by, more and more data is migrating into cloud storage. The public cloud, or IaaS as some call it, has become the new normal. Of all the data storage service providers out there, such as Azure Blob Storage and Google Cloud, the largest by far is Amazon S3. It has gotten so large that Amazon has acknowledged its capacity to be in excess of exabytes of storage and trillions of objects. Imagine the size of the earth is measured as one gigabyte. Then the size of the sun would be equivalent to an exabyte. I know it’s hard to imagine.

As with any other platform that becomes popular, it gets the attention of malicious users. The Black Hat community has attacked all the cloud storage solutions previously mentioned; however, the new vector for hackers is the Amazon S3 object storage environment.

The Security in your Amazon S3

Securing these environments is simple on one hand and complex on the other. Following best practices and having a safety procedure in place to protect stored data sounds simple enough. Inherently, the Amazon S3 platform has a robust set of tools to secure it in different ways. The complexity, however, and the area most prone to error, is the human judgement in the equation. There are a variety of opportunities to make mistakes, and those mistakes are what hackers are always looking for. Setting up access controls properly, making sure your backups are in the proper place, ensuring that your data is in the right region (data sovereignty) and that you have the appropriate encryption in place all play into keeping your data secure. Even with all these tools to keep your data safe, malware and viruses are becoming rampant within the S3 environment and causing real harm to companies.

Where a bucket accepts uploads, your customers and hackers have the same access to upload files to it. These files can be infected with malware: computer worms, ransomware, spyware, adware, trojan horses, keyloggers, rootkits, bootkits, malicious browser helper objects and other software used by hackers to do harm. It is a real threat. Malware can be embedded in familiar file types like PDF, JPG, and even XLS and DOC. Adding another layer of protection to your Amazon S3 buckets has become imperative. Preventing the spread of this malware to your employees, your clients and your vendors needs to be factored in when you are considering your security protocols.

A Cautionary Tale

Just recently, the cloud communications platform-as-a-service (CPaaS) giant Twilio had a serious security breach. Attackers accessed a misconfigured Amazon S3 bucket and modified the TaskRouter JavaScript SDK. This altered JavaScript SDK was then shared with its customers. With more than 5 million developers and 150,000 companies using Twilio, you can imagine that it was more than just embarrassing.

So what can you do to play it really safe? 

Cloud Storage Security has developed an easy to use and easy to deploy antivirus software for Amazon S3 available as a container on the AWS Marketplace. You can now protect your data and the data of your clients and stakeholders. Leaving your Amazon S3 world exposed isn’t really an option anymore. 

In most cases, you have migrated proven traditional endpoint security solutions to protect your hybrid and cloud compute infrastructure. With cloud applications, however, you must look at all the potential risks across the entire cloud infrastructure. Cloud Storage Security Antivirus for Amazon S3 helps you protect your cloud storage against the hidden threats associated with cloud workloads that leverage object storage.

For more information check out our resources page


Amazon S3 Security Best Practices

In Amazon S3 Security, Object Storage by admin

The Shared Responsibility Model for Object Storage

As malware attack vectors continue to grow and more and more security features are built above and below the delineation of “Security of the Cloud” (provided by AWS) and “Security in the Cloud” (your job), security teams will need to ensure a proper framework to protect their applications and data.

The Shared Responsibility Model helps identify the reduced operational burden for public cloud customers; however, it is solely your role to protect all customer data and corporate data.

Here are some initial preventative practices to ensure your buckets, your data and your applications are safe. It is essential you ensure consistent cloud security controls and procedures across all account groups, users and roles. In addition, performing regular reviews of your written security framework will ensure the proper security controls and policy to keep your data and applications safe.

Ensure proper and correct Amazon S3 policies. Bucket permissions are private by default. Only buckets that require public access should be exposed, and Amazon S3 Block Public Access should be used to keep everything else closed. The Amazon S3 Block Public Access feature provides settings for access points, buckets, and accounts to help you manage public access to Amazon S3 resources.

Scan for malware and viruses. You should be scanning any buckets that are exposed to the public, and specifically any that allow unknown third parties to write to your Amazon S3. In addition, outbound files should be scanned to ensure your customers and corporate applications are not at risk. It is your responsibility to keep your data lake free of malware. A free trial of Antivirus for Amazon S3 is available on the AWS Marketplace.

Least-privilege access. Only the minimal permissions should be granted to Amazon S3 resources, using IAM with multi-factor authentication.

Encryption is paramount. All data at rest and in transit should be encrypted. Encrypt, encrypt, encrypt. Get the point?

Enable Amazon S3 cross-region replication to extend your data across greater geographic zones.

Leverage AWS native tools like CloudTrail data events and CloudWatch alerting and logging.

Establish data lifecycle policies. They ensure data will ultimately age out and keep costs down.
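
As an added example (not code from Cloud Storage Security or AWS), the sketch below audits one bucket's policy document and Block Public Access settings for the misconfigurations discussed above: disabled Block Public Access settings, anonymous read or write access of the kind behind the Twilio incident, and no enforcement of encryption in transit. The function name audit_bucket, the finding labels and the sample bucket are assumptions made for illustration; the setting names and the aws:SecureTransport condition key are the real S3 ones.

```python
import fnmatch
import json

# The four real settings of an S3 PublicAccessBlockConfiguration.
PAB_KEYS = ("BlockPublicAcls", "IgnorePublicAcls",
            "BlockPublicPolicy", "RestrictPublicBuckets")
# Actions that let a caller change bucket contents or permissions (lowercased).
WRITE_ACTIONS = ("s3:putobject", "s3:deleteobject",
                 "s3:putobjectacl", "s3:putbucketpolicy")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_public(principal):
    # "*" or {"AWS": "*"} means anyone, including anonymous callers.
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))

def audit_bucket(policy_json, public_access_block):
    """Return sorted findings for one bucket (hypothetical helper)."""
    findings = {f"block-public-access:{k}-disabled"
                for k in PAB_KEYS if not public_access_block.get(k, False)}
    enforces_tls = False
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        cond = stmt.get("Condition", {})
        if stmt.get("Effect") == "Deny":
            # Simplified check: a Deny when aws:SecureTransport is false
            # rejects plain-HTTP requests.
            value = cond.get("Bool", {}).get("aws:SecureTransport")
            enforces_tls = enforces_tls or str(value).lower() == "false"
        elif _is_public(stmt.get("Principal")) and not cond:
            # Unconditional Allow to everyone; wildcards such as s3:Put* count.
            actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
            writable = any(fnmatch.fnmatchcase(w, a)
                           for a in actions for w in WRITE_ACTIONS)
            findings.add("policy:public-write" if writable else "policy:public-read")
    if not enforces_tls:
        findings.add("policy:no-tls-enforcement")
    return sorted(findings)

# Constructed sample input: a bucket that lets anyone overwrite its objects.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": "*",
    "Action": ["s3:GetObject", "s3:PutObject"],
    "Resource": "arn:aws:s3:::example-bucket/*"}]})
SAMPLE_PAB = {"BlockPublicAcls": True, "IgnorePublicAcls": True,
              "BlockPublicPolicy": False, "RestrictPublicBuckets": False}

if __name__ == "__main__":
    print("\n".join(audit_bucket(SAMPLE_POLICY, SAMPLE_PAB)))
```

An empty result means none of these three checks fired; it does not cover ACLs, IAM identity policies or access point policies.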

Computer malware and viruses are rampant and an everyday fact of doing business. Historically malware has been delivered through email, web or even file sharing through network shares. The threat has evolved to include a new attack vector of uploading files to cloud storage. Users and applications have come to rely on public cloud to provide storage for critical business data. Cloud Storage Security Antivirus for Amazon S3 protects Amazon S3 storage.

Leveraging a consistent, written security framework will keep your object storage, files and applications safe from malicious intent and the hidden threats within Amazon S3.