AWS celebrated 16 years since the launch of Amazon S3 with AWS Pi Day on March 14, 2022. Since the beginning of the year, some incredible announcements have been made including improvements to file integrity, the new Glacier Instant Retrieval storage class, general availability of AWS Backup, and much more. With over 200 trillion files being stored (that’s 29,000 files per person on earth) and more than 100 million requests per second for files, S3 is used now more than ever. However, there’s still one aspect of storage security that continues to be overlooked — the topic of antivirus scanning.
Amazon maintains a Shared Responsibility Model that makes it clear for customers that the customer is responsible for the configuration and security of their own AWS environment; this includes file storage and the files being uploaded to the environment. Ultimately, AWS operates the infrastructure and ensures security at that level but when it comes to actually securing your individual buckets and the integrity of your files, it all falls on you to protect.
We Already Have Antivirus Software On Our Devices
While your organization may have antivirus software across its team's devices through traditional endpoint security solutions, that’s just one part of a well tailored defensive infrastructure.
You must also consider the potential risks associated with users who aren’t a part of your network and who could intentionally (or even unintentionally) upload malicious files or objects that are ingested into your Amazon S3 data lake or application workflow and that are ultimately served downstream.
By intentionally and proactively scanning files and objects for malware and viruses, you’re able to ensure they are clean before they ever reach your buckets or end users (and maintain compliance with regulatory requirements).
Antivirus for Amazon S3
Cloud Storage Security makes data protection easy with our Antivirus for Amazon S3 solution.
Implementing Antivirus for Amazon S3 provides your organization with a first line of defense against problem files as well as evidence of scanning to meet regulatory requirements.
Multiple detection engines can be used to scan objects as large as 5 TB against the latest virus signatures for any viruses and malware. To prevent process disruption, a variety of scanning options are available:
- Retro/on access scanning - for objects that have already been written to the bucket, you can scan on demand, via schedule, or when downloaded
- Event-based scanning - when objects are dropped into S3, you can scan in near real time
- API-based scanning - you can scan files inside or outside of AWS before they are written (this is especially useful if you initiate a workflow where the scan dictates whether the object should be stored in Amazon S3)
Once a scan is complete, a verdict is returned. If an object is found to be infected, you may quarantine it in a separate bucket for further review, cutting off access, or you may delete it or decide to keep it in place. If the file is safe, you are able to continue using it.
Antivirus for Amazon S3 has a user-friendly console, but also integrates with AWS Security Hub for consolidated reporting. Amazon Simple Notification Service (SNS), Slack, and other delivery systems can be used for alerts.
Moreover, the solution optimizes cost with its Smart Scan option, which allows you to trigger scans when a certain number of objects accumulate (as opposed to scanning whenever an object is placed in the scanning queue) and its scheduling option, which allows you to define when the agents run a scan.
Malware scanning is a necessary, additional layer of security that bolsters protections and should be integrated in a defense-in-depth strategy. Ensure the files stored in your Amazon S3 environment are safe. Scan up to 500 GB for free with a 30 day Commercial or GovCloud trial in AWS Marketplace.