Amazon has taken the hint regarding security of its cloud-based
Simple Storage Service (S3) and updated it so that all newly added objects are encrypted by default. The move comes after the cloud giant announced new default bucket security settings in December.
S3 - initally known as the Simple Storage Service - was the first service made available when Amazon launched AWS as a public cloud way back in 2006. While the object storage platform has proven popular, Amazon's policy of leaving it up to the user to configure security settings has played its part in a number of data breaches over the years when buckets were unintentionally exposed to the outside world.
As of January 5, the S3 platform now encrypts all new objects added to buckets by default, applying server-side encryption (SSE-S3) using 256-bit AES for each new object, unless the user specifies a different encryption option. This change is effective now across all AWS Regions.
www.theregister.com
