Cloud Storage Security is always working to improve our users’ experience and we’re excited to share some of the new features that we’ve added to Antivirus for Amazon S3 — Single Sign On (SSO), Load Balancer Improvement, XL File Scanning, and Scan on Access.
News | Cloud Storage Security
Antivirus for Amazon S3 (2)
As a fast-growing learning management solution, MindEdge was receiving a growing number of questions from existing and potential customers about their security practices. MindEdge determined that the best route for elevating customer confidence was to achieve SOC 2 compliance. While preparing their roadmap for making their system and processes SOC 2 compliant, they found themselves in need of additional security controls to ensure that objects stored and shared from Amazon S3 buckets were scanned and clean from malware. The team identified three main requirements that needed to be met:
ADEC Innovations hosts an application on AWS that collects environmental data, charts, and assets from public sources and aggregates these resources as elements in a pdf report for environmental professionals. The reports are stored in Amazon S3 buckets and delivered to customers via automated email.
Occasionally, customers would report that the delivery of the file had been blocked by their firewall or that the local device’s endpoint solution warned the user of potential malicious code embedded in the report.
Antivirus for Amazon S3 was built because our founders realized cloud application workflows that use Amazon S3 have become a massive attack vector. This is especially true for workflows that ingest third party files, store them in S3 and then share them downstream.
Newly formed alliance bridges cloud storage security gap for U.S. public sector organizations using Amazon S3 in the AWS Cloud
Does your organization manage extra large files via workflows using Amazon S3 that should be scanned for viruses or malware to meet compliance requirements and eliminate downstream risk but that can't be?
Workvivo is a workplace employee communication platform that allows organizations to keep their employees engaged and up to date with what their colleagues are doing. Like many solutions hosted on AWS, Workvivo utilizes Amazon S3 as the data store for ingesting and sharing files with its application users. Since employees using the platform can upload videos, images, documents, and other files, Workvivo realized there was a need to ensure that uploaded files are scanned for viruses and malware before they are shared with downstream application users.
Cloud Storage Security is always working to improve our users’ experience and we’re excited to share some of the new features and enhancements that we’ve added into Antivirus for Amazon S3 over the past few months — Cloud Detonation Analysis, Automatic Bucket Protection, Audit Logging, Multi-factor Authentication, and API Endpoint Enhancements. Plus, AWS launched upfront contract pricing for Container products and Antivirus for Amazon S3 by Cloud Storage Security was included!
According to a release from the U.S. Department of Justice, “Roughly $350 million in ransom was paid to malicious cyber actors in 2020, a more than 300% increase from the previous year”. With Amazon S3 buckets continuously being the storage medium for uploaded files by most organizations, the attack surface is only increasing when an S3 bucket is left misconfigured and storing infected files.
Poka's connected worker platform for manufacturers leverages Amazon to store a variety of training content and user uploaded files that are then shared with downstream users as part of the application workflow. In order to meet SOC 2 compliance requirements to prove that all files were scanned for potential malware before they were shared by their solution, Poka implemented a homegrown solution leveraging an open-source virus detection engine, AWS Lambdas, and Amazon EFS as the main components. As their customer base and the volume of data and files grew, their in-house solution required increasing maintenance time to meet their real time scanning requirements.