How Businesses Can Avoid S3 Bucket Leaks to Protect Company


            and Client Data


            Brian Johnson, CEO, DivvyCloud




            An organization that has transitioned to a cloud provider such as Amazon Web Services, Microsoft Azure,
            Google  Cloud  Platform,  or  any  combination  thereof  should  immediately  be  thinking  about  the
            configuration of cloud services as a key element to security.



            Many IT leaders and professionals make the mistake of approaching security in the cloud the same way
            they approached security in a traditional data center. However, in the software-defined world of public
            cloud,  there  is  an  added  wrinkle.    Without  a  holistic  approach  to  security  which  includes  a  view  of
            configuration, you can easily open yourself up to undue risk. Configuration is an additional challenge
            when dealing with software-defined infrastructure in the public cloud. This is especially of concern when
            empowering developers and engineers with self-service for provisioning and configuration, who may not
            be  familiar  with  security  and  having  to  deal  with  the  rate  of  change  in  the  cloud.    Because  cloud
            technology is always changing, it’s vitally important that we understand the configuration choices being
            made. Validating those configuration choices against security standards becomes far more important for
            most companies now than in the past because failing to do so, for example, in AWS S3 Buckets, can
            lead to the company data breaches that we continuously hear about in the news.








                                 91