Martin's selection of few interesting IT Security, Privacy, and free tools from the Net: Recently, we have heard multiple stories revolving around "AWS S3 bucket Leaks", How can we avoid this? Here is a checklist of things you should configure to ensure your critical data is secure.

Friday, September 7, 2018

Recently, we have heard multiple stories revolving around "AWS S3 bucket Leaks", How can we avoid this? Here is a checklist of things you should configure to ensure your critical data is secure.

what seemed to be an obvious configuration mistake, two primary reasons surfaced:

1. Too Much Flexibility (Too Many Options) Turns into Easy Mistakes
There are five different ways to configure and manage access to S3 buckets.
The more ways to configure implies more flexibility but also means that higher chances of making a mistake. The other challenge is that there are two separate policies one for buckets and one for the objects within the bucket which make things more complex.

2. A “User” in AWS is Different from a “User” in your Traditional Datacenter
On an AWS account, the “Everyone” group includes all users (literally anyone on the internet) and “AWS Authenticated User” means any user with an AWS account

S3 Security Checklist

Audit for Open Buckets Regularly
Encrypt the Data
Encrypt the Data in Transit
Enable Bucket Versioning
Enable MFA Delete
Enable Logging
Monitor all S3 Policy Changes
Track Applications Accessing S3
Limit Access to S3 Buckets
Close Buckets in Real time

http://infosecisland.com/blogview/25056-Avoiding-Holes-in-Your-AWS-Buckets.html

Martin's selection of few interesting IT Security, Privacy, and free tools from the Net

Friday, September 7, 2018

Recently, we have heard multiple stories revolving around "AWS S3 bucket Leaks", How can we avoid this? Here is a checklist of things you should configure to ensure your critical data is secure.

No comments:

Post a Comment

Popular Posts

Categories

Blog Archive