Cloud misconfigurations expose organizations to significant risk, according to a new analysis of Amazon Web Services (AWS) Simple Storage Service (S3) buckets conducted by Lightspin, a cloud security provider. In-depth research into 40,000 AWS buckets and their cloud storage permissions found that 46% of AWS S3 buckets could be misconfigured and should therefore be considered unsafe, Lightspin said.
Misconfigured S3 buckets can open your cloud environment up to a huge amount of risk. Public read access could lead to a data breach, while public write access could be used to launch malware or encrypt data to hold your company ransom.
Certain AWS cloud storage permissions are currently complex and even obtuse, as one of the AWS access options is defined as “Objects can be public.” As AWS evaluates the access permissions of all files at the bucket level, rather than the object level, an object’s ACL is not considered. In short, the definition “Objects can be public” doesn’t allow organizations to definitively understand whether their objects are accessible or not. The diagram above can help to visualize which objects would be given this classification.
Lightspin’s research revealed that more than 40% of AWS S3 buckets have this definition attached, on top of the 4% that are defined as public. As part of this research, the company created a free, open source Python tool that scans the cloud environment in full and clarifies which objects are public and which are not.
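To illustrate why a bucket-level label cannot answer the per-object question, here is an added example (not Lightspin's tool and not code from the research) that derives a bucket-level status and then reads each object's ACL to list what is actually exposed. The function names, the `PolicyIsPublic` flag and the status rules are simplifying assumptions, and the bucket data is constructed.

```python
# Constructed sample data; dict shapes follow the S3 GetPublicAccessBlock,
# GetBucketAcl and GetObjectAcl responses. The status rules are a simplified model.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
PUBLIC_GROUPS = {ALL_USERS,
                 "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"}

def public_grants(acl):
    """Permissions an ACL grants to the predefined public groups."""
    return sorted({g["Permission"] for g in acl.get("Grants", [])
                   if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS})

def audit_bucket(bucket):
    """Return (bucket_level_status, {object_key: public permissions})."""
    pab = bucket.get("PublicAccessBlock", {})
    ignore_acls = pab.get("IgnorePublicAcls", False)      # public ACLs have no effect
    restrict = pab.get("RestrictPublicBuckets", False)    # public policy has no effect
    policy_public = bucket.get("PolicyIsPublic", False) and not restrict
    acl_public = not ignore_acls and bool(public_grants(bucket["Acl"]))
    if policy_public or acl_public:
        status = "public"
    elif ignore_acls and restrict:
        status = "not public"
    else:
        status = "objects can be public"   # the bucket level cannot say more
    # Resolve the ambiguity by reading each object's own ACL.
    exposed = {}
    if not ignore_acls:
        for key, acl in bucket["ObjectAcls"].items():
            perms = public_grants(acl)
            if perms:
                exposed[key] = perms
    return status, exposed

def make_acl(*grants):
    return {"Grants": [{"Grantee": g, "Permission": p} for g, p in grants]}

OWNER = ({"Type": "CanonicalUser", "ID": "OWNER-ID-PLACEHOLDER"}, "FULL_CONTROL")
ANYONE_READ = ({"Type": "Group", "URI": ALL_USERS}, "READ")
SAMPLE_BUCKET = {
    "PublicAccessBlock": {},            # no Block Public Access settings enabled
    "PolicyIsPublic": False,
    "Acl": make_acl(OWNER),
    "ObjectAcls": {"q1.pdf": make_acl(OWNER),
                   "export.csv": make_acl(OWNER, ANYONE_READ)},
}

if __name__ == "__main__":
    print(audit_bucket(SAMPLE_BUCKET))
```

Against a live account, the same dictionaries would be filled from the corresponding S3 API calls for each bucket and object.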
Read Lightspin’s full research into the risks of misconfigured S3 buckets.