IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

AWS plugs leaky S3 buckets with CloudKnox integration

Partnership aims to address S3's pervasive human error problem

AWS has launched a new tool to help customers avoid data leaks within its simple storage service.

The AWS IAM Access Analyzer is a new function that analyses resource policies to help administrators and security teams protect their resources from unintended access.

It comes from an integration with CloudKnox, a company that specialises in hybrid cloud access management.

It's a strategic integration designed to protect organisations against unintended access to critical resources and mitigate the risks they face, such as overprivileged identities, according to Balaji Parimi, CEO of CloudKnox.

"Exposed or misconfigured infrastructure resources can lead to a breach or a data leak," he said. "Combining AWS IAM Access Analyzer's automated policy monitoring and analysis with CloudKnox's identity privilege management capabilities will make it easier for CloudKnox customers to gain visibility into and control over the proliferation of resources across AWS environments."

Amazon S3 is one of the most popular cloud storage services, but because of human error, it's historically been a bit of a security liability, according to Sean Roberts, GM of Cloud Business Unit at hybrid managed services provider Ensono.

"Over the last few years, hundreds of well-known organisations have suffered data breaches as a direct result of an incorrect S3 configuration -- where buckets have been set to public when they should have been private," he said.

"When sensitive data is unintentionally exposed online, it can damage an organisation's reputation and lead to serious financial implications. In real terms, this sensitive data is often usernames and passwords, compromising not only the business but its customers too."

In July, more than 17,000 domains were said to have been compromised in an attack launched by the prolific hacking group Magecart that preyed on leaky S3 buckets. Looking back over the last two years, a number of companies and organisations such as NASADow Jones and even Facebook have been seen breaches from this S3 Buckets.

With the Access Analyzer, there's a new option in the console for IAM (Identity and Access Management). The toll alerts customers when a bucket is configured to allow public access or access to other AWS accounts. There is also a single-click option that will block public access.

Featured Resources

Accelerating healthcare transformation through patient-centred medtech solutions

Seize the digital transformation opportunities to streamline patient care and optimise patient outcomes

Free Download

Big payoffs from big bets in AI-powered automation

Automation disruptors realise 1.5 x higher revenue growth

Free Download

Hyperscaler cloud service providers top ten

Why it's important for companies to consider hyperscaler cloud service providers, and why they matter

Free Download

Strategic app modernisation drives digital transformation

Address business needs both now and in the future

Free Download

Most Popular

Empowering employees to truly work anywhere
Sponsored

Empowering employees to truly work anywhere

22 Nov 2022
Defra's legacy software problem 'threatens' UK gov cyber security until 2030
Business strategy

Defra's legacy software problem 'threatens' UK gov cyber security until 2030

6 Dec 2022
US seizes millions in stolen COVID relief funds by China-backed hackers
Policy & legislation

US seizes millions in stolen COVID relief funds by China-backed hackers

6 Dec 2022