Home Resources Blog New Security Feature to Prevent Amazon S3 Bucket Misconfiguration and Data Leaks

New Security Feature to Prevent Amazon S3 Bucket Misconfiguration and Data Leaks

Admin Globaldots
19.11.2018
image 1 Min read

Hardly a week goes by that we don’t hear about an organization leaving sensitive data exposed on the Internet because they failed to properly configure their Amazon S3 buckets.

Amazon Web Services, to their credit, are trying to prevent this from happening.

For one, all newly created S3 buckets and objects (files and directories in the bucket) are by default private, i.e. not publicly accesible by random people via the Internet. Secondly, changes implemented earlier this year made it possible for customers to easily identify S3 buckets that are publicly accessible due to Access Control Lists (ACLs) or policies that allow read/write access for any user.

But even that’s not enough, so the company is rolling out a new security feature: Amazon S3 Block Public Access.

This new feature allows account owners/administrators to centrally block existing public access (whether made possible via an ACL or a policy) and to make sure that newly created items aren’t inadvertently granted public access.

Read more: Help Net Security

Read More

Inform every aspect of your product & business with CDN Monitoring
Monitoring, Logging & Observability
Snir Ambar, Head of AI & Innovation @ GlobalDots 22.09.22

Extract actionable real-time insights, optimize performance and identify issues before they become problems – by unlocking the hidden value of CDN logs! Get 14 days free access to all features right now.

Watch more
Cybersecurity takes center stage
DevOps as a Service
Artem Mescheryakov, Senior DevOps Engineer, GlobalDots 20.09.22

In recognition of National Coding Week, Geektime.com, a top media channel covering tech, startup, venture capital, internet, mobile, development and more – featured a guest post by Artem Mescheryakov, Senior DevOps Engineer at GlobalDots:  “National Coding Week is about learning the value and importance of digital skills as well as nurturing the increasingly important skill of coding. Developer shortages […]

Read more
A CISO’s Essential Guide to API Security
API Security
Admin Globaldots 15.09.22

Learn how to reduce the business risk of API attacks – and maximize the value of digital innovation.  APIs are the entry point to your organization’s most critical data and services. Their protection is crucial to reduce risks, maximize program value, and generate growth. In this guide, we take a close look at the special […]

Read more
Unlock Your Cloud Potential
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Book a Demo