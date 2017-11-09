Privacy & Security

After string of breaches, Amazon upgrades security features for cloud server

A new warning feature will appear on multiple spots across the console, while a privacy feature includes support to encrypt all S3 data by default.
By Jessica Davis
November 09, 2017
10:03 AM
Share
AWS cloud server

Amazon office front door. Flickr photo by Robert Scoble

After a long line of customers failed to properly secure their data and exposed massive amounts of data to the public, Amazon Web Services has decided to update its S3 server dashboard with a visible warning for server admins that data are publically accessible.

The new warning feature is a bright-orange button that appears in various spots across the AWS console. The company said the idea is for admins to see these warnings and review access rights of the S3 buckets to avoid exposing sensitive data to the public.

Prior to the new features, admins would need to create a bucket policy that would reject unencrypted objects to ensure all objects were encrypted. The new tool lets the user install a bucket encryption configuration to make sure objects are encrypted using the specified method.

[Also: Data on 150,000 patients exposed in another misconfigured AWS bucket]

Essentially, the new feature would include support for encrypting all S3 data by default.

Further, the new dashboard clearly labels buckets that are publicly accessible and lets admin control the privacy settings of each block with an access control list.

The database will also send daily and weekly inventory reports that include the encryption status of each object -- and the report can also be encrypted.

[Also: Kromtech launches tool to identify and prevent Amazon cloud server leaks]

All of the new security options are provided at no extra cost to customers.

The AWS dashboard updates come after a year with a long line of massive breaches, stemming from admins failing to properly configure databases.

Just last month, Accenture breached client data in four separate buckets after its admin accidentally left the data open to the public. Third-party vendor Patient Home Monitoring exposed the data of more than 150,000 patients after it failed to lock its data down.

Verizon is also part of the group, as it recently notified 14 million of its customers that their personal data was left exposed online. Other high profile companies and health systems have also accidentally breached data in this manner by failing to secure data in the cloud.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Topics: 
Cloud Computing, Privacy & Security
Share
View all comments 0

Top Story

clinical analytics
Top Story
Hospitals plan to boost investments in clinical analytics by 17%

Most Read

Nuance still down after Petya cyberattack, offers customers alternative tools
Hospital datacenters: Extinct in 5 years?
How does blockchain actually work for healthcare?
WSU hard drive theft potentially impacts 1 million people
Blockchain's potential use cases for healthcare: hype or reality?
Accenture latest to breach client data due to misconfigured AWS server

Research

White Papers

More Whitepapers

Cloud Computing
Accountable Care
Workflow

Webinars

More Webinars

Precision Medicine
Privacy & Security
Privacy & Security

Video

HIMSS CEO Hal Wolf: Healthcare has to innovate faster than ever
Assessing the reliability of cloud vendors in healthcare
Managing the security risk in connected medical devices
Blockchain for cybersecurity: What is its potential, what are its limitations?

More Stories

telemedicine in Puerto Rico
NewYork-Presbyterian specialists use telemedicine to treat stranded Puerto Ricans
VA telehealth

The VA Provider Accountability Act would prevent medical providers with disciplinary actions on their record from crossing state lines to keep practicing medicine.

Bill would require VA to report disciplined providers to database
UDI on Medicare forms

Sen. Chuck Grassley on the Senate floor Nov. 1. Credit: C-span

Senators say they are tired of waiting for CMS stance on UDIs
Eli Lilly exec Alex Azar as HHS Secretary

Former Eli Lilly exec Alex Azar previously served as HHS deputy secretary under President George W. Bush. Credit: YouTube

Eli Lilly exec reportedly Trump’s pick to lead HHS
VA email system
VA hopes email tweak with free up more time for doctors
AWS cloud server

Amazon office front door. Flickr photo by Robert Scoble

Amazon upgrade hopes to stop flow of AWS breaches
artificial intelligence solving problems in healthcare
How AI is transforming healthcare and solving problems in 2017

UCSD's supercomputer center. Credit: UCSD

How a precision medicine CDS bested oncologists at picking a treatment