///////////////////////////////////////////////////////////////////////////////////////////
FINAL WORD
Expert tells us
the AWS bucket
list for security
Securing data is more important now
than ever and companies are relying
on the cloud. We hear from Professor
Avishai Wool, CTO and Co-founder
at AlgoSec, who lets us know the
precautions we should be taking to
reduce data hacking cases.
W
ith organisations having a seemingly insatiable appetite
for the agility, scalability and flexibility offered by the
cloud, it’s little surprise that one of the market’s largest
providers, Amazon’s AWS, continues to go from strength to strength.
In its latest earnings report, AWS reported a 45% revenue growth
during Q4 2017.
However, AWS has also been in the news recently for the wrong
reasons following a number of breaches of its S3 data object
storage service. Over the past 18 months, companies including Uber,
Verizon and Dow Jones have had large volumes of data exposed via
misconfigured S3 buckets. Between them, the firms inadvertently
made public the digital identities of hundreds of millions of people.
Sub-par security practices
It’s important to note that these potential breaches were not caused
by problems at Amazon itself. Instead, they were the result of users
misconfiguring the Amazon S3 service and failing to ensure proper
controls were set-up when uploading sensitive data to it. In effect,
data was placed in S3 buckets and secured with a weak password –
or in some cases, no password at all.
www.intelligentcio.com
INTELLIGENTCIO
103