Amazon has become the first public cloud provider to blend artificial intelligence with cloud storage to help customers secure data. The new service, dubbed Amazon Macie, relies on machine learning to automatically discover, classify, and protect sensitive data stored in AWS. It reports potential risks associated with the stored data, its permissions, and its access patterns.
Amazon S3 is a popular cloud-based storage service trusted by millions of customers. From large enterprises to early-stage startups, businesses of all sizes store content, documents, and other digital assets in S3. Before uploading documents to Amazon S3, customers are expected to create Buckets, the logical containers that hold the documents and data. Each Bucket can have a different level of permissions to enable or disable access to the documents. Data stored in Buckets with public access can be read by pretty much anyone on the Internet.
Though there are multiple techniques and best practices to secure S3 Buckets and files, many users don’t take them seriously. In May 2017, Gizmodo reported that over 60,000 sensitive files belonging to the US government were found on Amazon S3 with public access. Of these, about 28GB of data contained unencrypted passwords owned by government contractors with Top Secret Facility Clearance. Earlier this year, the US National Geospatial-Intelligence Agency (NGA) engaged Booz Allen to collect and analyze geospatial data captured by spy satellites and aerial drones. Chris Vickery, a cyber risk security analyst from UpGuard, discovered several passwords and keys belonging to Booz Allen employees working on the NGA project in publicly accessible Amazon S3 Buckets. This is just one example of sensitive data being left open to the public.
Read the entire article at Forbes