AWS Storage Blog

Category: Security, Identity, & Compliance

Find public Amazon S3 buckets in your AWS account

Data is key to business, and securing it from unintended access is a critical business activity. As cloud usage increases, this can be a significant task to address. You want to verify that you aren’t unintentionally exposing or sharing data publicly. Under the Shared Responsibility Model, AWS is responsible for protecting the infrastructure that runs […]

S3 Security

Disabling ACLs for existing Amazon S3 workloads with information in S3 server access logs and AWS CloudTrail

Access control lists (ACLs) are permission sets that define user access, and the operations users can take on specific resources. Amazon S3 was launched in 2006 with ACLs as its first authorization mechanism. Since 2011, Amazon S3 has also supported AWS Identity and Access Management (IAM) policies for managing access to S3 buckets, and recommends using […]

Best practices for data lake protection with AWS Backup

Data lakes, powered by Amazon Simple Storage Service (Amazon S3), provide organizations with the availability, agility, and flexibility required for modern analytics approaches to gain deeper insights. Protecting sensitive or business-critical information stored in these S3 buckets is a high priority for organizations. AWS Backup for Amazon S3 makes it easier to centrally automate the […]

S3 cost optimization

Reducing AWS Key Management Service costs by up to 99% with Amazon S3 Bucket Keys

Customers across many industries face increasingly stringent audit and compliance requirements on data security and privacy. Certain compliance frameworks, such as FISMA, FedRAMP, PCI DSS, and SOC 2, have specific regulatory standards for validating the security of systems. A common requirement for these compliance frameworks is more rigorous encryption standards for data-at-rest, where organizations must […]

Extending Java applications to directly access files in Amazon S3 without recompiling

The Java programming language has been among the most used languages in software development for many years, and a vast number of Java applications exist today. Almost all applications interact with files in some way, yet most of these have been written to interact with a file system based on block storage and cannot directly […]

Seamlessly map file shares for Amazon FSx for Windows File Server with AWS Auto Scaling

When managing a fleet of Windows instances, you often need a central repository for files that can be accessed from multiple locations. Having an automatically mapped Server Message Block (SMB) file share when your end-users connect to the domain-joined instances automates the repetitive and time-consuming task of mapping file shares manually to hundreds of new […]

S3 Security

Enforcing encryption in transit with TLS1.2 or higher with Amazon S3

Update April 8, 2024: As of February 27th, 2024, all AWS service API endpoints (including for Amazon S3) now require a minimum of TLS version 1.2. Therefore, the S3 bucket and S3 Access Point policy examples in this post that enforce minimum of TLS version 1.2 are no longer necessary as this is the default […]

AWS Elastic Disaster Recovery

Failover Microsoft Azure workloads to AWS using AWS Elastic Disaster Recovery

Enterprises strive to make sure that business critical applications, workloads, and data remain available during planned and unplanned downtime. When using the cloud, organizations must make sure to apply the same approach to business continuity and disaster recovery as they would with on-premises infrastructure. Customers on the cloud can leverage AWS Elastic Disaster Recovery (AWS […]

S3 Security

Understanding Amazon S3 Block Public Access

Update (4/27/2023): Amazon S3 now automatically enables S3 Block Public Access and disables S3 access control lists (ACLs) for all new S3 buckets in all AWS Regions. Storing data securely is a key tenet for every business. Companies balance this against the need to share data where and when it’s needed. Human security review is a […]

Simplify and scale access management to shared datasets with cross-account Amazon S3 Access Points

In today’s interconnected and data-centric world, businesses must have access to the right data for data-driven decision-making, ultimately driving better business results. Collecting all the relevant data takes time and capital as it requires setting up data ingestion pipelines, hiring analysts to validate and interpret the data, and incorporating data insights that influence important […]