How to Prevent an AWS Cloud Bucket Data Leak

How to Prevent an AWS Cloud Bucket Data Leak
Misconfigured AWS buckets have led to huge data breaches. Following a handful of practices will help keep you from becoming the next news story.

(image by conceptualmotion, via Adobe Stock)



When it comes to public cloud services, there's Amazon's AWS and then there's everyone else. With an estimated 39% market share, it's a rare cybersecurity professional who won't encounter AWS at some point in their career. And there's no question that protecting data in AWS begins with understanding bucket security.


By the most simple definition, a bucket is a place to put stuff. You can think of a bucket as a directory or a folder (depending on your point of reference), but there are two key things to know about any bucket you create. First, unlike many cloud resources, a bucket exists somewhere — you specify the geographic region where your bucket will sit. This is important if particular regulations and jurisdictions are important to you.


Next, there are a ton of ways to get stuff into and out of your bucket. This makes buckets incredibly useful — and also presents the most obvious security risks for bucket use.


Fortunately, from Amazon and a number of other sources scattered around the Internet, there are a handful of crucial practices that, if followed, will keep your data from sloshing out of its bucket and landing all over the web.


The cautionary tale


Recent cloud bucket data leak catastrophes like the Capital One breach show that there both cloud users and cloud service providers like ..