Privacy & Security

After string of breaches, Amazon upgrades security features for cloud server

A new warning feature will appear on multiple spots across the console, while a privacy feature includes support to encrypt all S3 data by default.
By Jessica Davis
November 09, 2017
10:03 AM

After a long line of customers failed to properly secure their data and exposed massive amounts of data to the public, Amazon Web Services has decided to update its S3 server dashboard with a visible warning for server admins that data are publically accessible.

The new warning feature is a bright-orange button that appears in various spots across the AWS console. The company said the idea is for admins to see these warnings and review access rights of the S3 buckets to avoid exposing sensitive data to the public.

Prior to the new features, admins would need to create a bucket policy that would reject unencrypted objects to ensure all objects were encrypted. The new tool lets the user install a bucket encryption configuration to make sure objects are encrypted using the specified method.

[Also: Data on 150,000 patients exposed in another misconfigured AWS bucket]

Essentially, the new feature would include support for encrypting all S3 data by default.

Further, the new dashboard clearly labels buckets that are publicly accessible and lets admin control the privacy settings of each block with an access control list.

The database will also send daily and weekly inventory reports that include the encryption status of each object -- and the report can also be encrypted.

[Also: Kromtech launches tool to identify and prevent Amazon cloud server leaks]

All of the new security options are provided at no extra cost to customers.

The AWS dashboard updates come after a year with a long line of massive breaches, stemming from admins failing to properly configure databases.

Just last month, Accenture breached client data in four separate buckets after its admin accidentally left the data open to the public. Third-party vendor Patient Home Monitoring exposed the data of more than 150,000 patients after it failed to lock its data down.

Verizon is also part of the group, as it recently notified 14 million of its customers that their personal data was left exposed online. Other high profile companies and health systems have also accidentally breached data in this manner by failing to secure data in the cloud.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Topics: 
Cloud Computing, Privacy & Security

More regional news

VA building signage

House passes veterans healthcare package without RESET Act

By
Andrea Fox
November 21, 2024
David Miles of Oklahoma Heart Hospital

Deep dive: A tour of all-digital Oklahoma Heart Hospital, where automation is the norm

By
Bill Siwicki
November 21, 2024
Healthcare workers looking at X-ray images on monitors

Streamlining healthcare operations with multicloud-by-design

November 21, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

VA building signage
House passes veterans healthcare package without RESET Act

Most Read

Particle Health files antitrust suit against Epic
Choosing a managed IT service for aged care
ASTP intros 2024 draft Federal FHIR Action Plan
CrowdStrike all but assures Capitol Hill: Never again
Korea's largest hospital bags APAC's first Stage 6 of new INFRAM
Sens. Warner & Wyden seek healthcare cybersecurity mandates in new bill

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

David Miles at Oklahoma Heart Hospital_Part 1_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
The CIO of an all-digital hospital walks readers through its successes
Dr Alice Sutedjo Lisa at SMC Telogorejo Hospital_HIMSS24 APAC
Assisting the elderly in digital care
Dr. Benoit Desjardins of the University of Montreal
Cyberattacks are becoming more widespread, and more disruptive
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards

More Stories

BJ Schaknowski of symplr
Too many IT systems with limited alignment impacts care quality
Doctor in scrubs using computer
Tenet to deploy AI platform across its physician network
Healthcare CIO with other healthcare executives
Health system CIOs' strategic responsibilities continue to evolve
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards
Clinicians look at diagnostic imaging
American College of Radiology launches AI quality registry
A doctor with glasses sits at a desk and speaks during a telehealth visit.
DEA and HHS extend virtual prescribing for controlled substances through 2025
Dr. Jay Anders at Medicomp Systems_Computer chip with stethoscope Photo by Just_Super/iStock/Getty Images Plus
Transparency and responsible AI are crucial for medical devices
George Pappas of Intraprise Health on cybersecurity
How to protect telemedicine from cyberattacks