<img src="https://ws.zoominfo.com/pixel/DyC6M8AFFyV7A9DOjJMa" width="1" height="1" style="display: none;">

Protect Your Amazon S3 Buckets

There is no doubt that as each day goes by, more and more data is migrating into cloud storage. The public cloud or IaaS as some call it, has become the new normal. Out of all the data store service providers out there like Azure blob store, Google Cloud, the largest by far is Amazon S3. It has gotten so large that Amazon acknowledged their store capacity in the excess of exabytes of storage and trillions of objects. Imagine the size of the earth is measured as one gigabyte.

Then the size of the sun would be equivalent to an exabyte. I know it’s hard to imagine. 

Like with any other platform that becomes popular, it gets the attention of the malicious users out there. The Black Hat community have attacked all the cloud storage solutions previously mentioned, however the new vector for hackers is the Amazon S3 object storage environment.  

 

The Security in Your Amazon S3 Buckets

Securing these environments is simple on one hand and complex on the other. Following best practices and having a safety procedure in place to protect stored data sounds simple enough. Inherently, the Amazon S3 platform has a robust set of tools to secure it in different ways, the complexity however, and the area most prone to error is the human judgement in the equation. There are a variety of opportunities to make mistakes and those mistakes are what hackers are always looking for. Setting up access controls properly, making sure your backups are in the proper place, ensuring that your data is in the right region (data sovereignty) and that you have the appropriate encryption in place all play into keeping your data secure. With all these tools to keep your data safe, malware and viruses are starting to pop up and becoming rampant, causing some real harm to companies within the S3 environment.

Your customers and hackers will have the same access allowing files to be uploaded to your Amazon S3 buckets. These files can be infected with malware, computer worms known as ransomware, spyware, adware, trojan horses, keyloggers, rootkits, bootkits, malicious browser helper objects and other software used by hackers to do harm. It is a real threat. They can be embedded in familiar files like PDF, JPG, and even XLS and DOC. Adding another layer of protection to your Amazon S3 buckets has become an imperative. Preventing the spread of these malware to your employees, your clients, your vendors needs to be factored in when you are considering your security protocols.

 

A Cautionary Tale

Just recently the cloud communications platform-as-a-service (CPaas) giant Twilio, had a serious security breach. Attackers accessed a misconfigured Amazon S3 bucket and modified the TaskRouter Javascript SDK. This altered Javascript SDK was then shared with its customers. With more than 5 million developers and 150,000 companies using Twilio, you can imagine that it was more than just embarrassing. 

 

So What Can You do to Play it Really Safe? 

Cloud Storage Security has developed an easy to use and easy to deploy antivirus software for Amazon S3 available as a container on the AWS Marketplace. You can now protect your data and the data of your clients and stakeholders. Leaving your Amazon S3 world exposed isn’t really an option anymore. 

In most cases, you have migrated proven traditional endpoint security solutions to protect your hybrid and cloud compute infrastructure, however, with cloud applications you must look at all the potential risks across the entire cloud infrastructure. Cloud Storage Security Antivirus for Amazon S3 will ensure you are protecting your cloud storage and the hidden threats associated with cloud workload leveraging object storage.

For more information check out our resources page.