AWS plugs leaky S3 buckets with CloudKnox integration

Partnership aims to address S3's pervasive human error problem

AWS has launched a new tool to help customers avoid data leaks within its simple storage service.

The AWS IAM Access Analyzer is a new function that analyses resource policies to help administrators and security teams protect their resources from unintended access.

It comes from an integration with CloudKnox, a company that specialises in hybrid cloud access management.

It's a strategic integration designed to protect organisations against unintended access to critical resources and mitigate the risks they face, such as overprivileged identities, according to Balaji Parimi, CEO of CloudKnox.

"Exposed or misconfigured infrastructure resources can lead to a breach or a data leak," he said. "Combining AWS IAM Access Analyzer's automated policy monitoring and analysis with CloudKnox's identity privilege management capabilities will make it easier for CloudKnox customers to gain visibility into and control over the proliferation of resources across AWS environments."

Amazon S3 is one of the most popular cloud storage services, but because of human error, it's historically been a bit of a security liability, according to Sean Roberts, GM of Cloud Business Unit at hybrid managed services provider Ensono.

"Over the last few years, hundreds of well-known organisations have suffered data breaches as a direct result of an incorrect S3 configuration -- where buckets have been set to public when they should have been private," he said.

"When sensitive data is unintentionally exposed online, it can damage an organisation's reputation and lead to serious financial implications. In real terms, this sensitive data is often usernames and passwords, compromising not only the business but its customers too."

In July, more than 17,000 domains were said to have been compromised in an attack launched by the prolific hacking group Magecart that preyed on leaky S3 buckets. Looking back over the last two years, a number of companies and organisations such as NASADow Jones and even Facebook have been seen breaches from this S3 Buckets.

With the Access Analyzer, there's a new option in the console for IAM (Identity and Access Management). The toll alerts customers when a bucket is configured to allow public access or access to other AWS accounts. There is also a single-click option that will block public access.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Roadmap 2021: What’s coming from 3CX
Advertisement Feature

Roadmap 2021: What’s coming from 3CX

30 Mar 2021