Cloud Storage: Amazon S3 Gets Server-Side Encryption
The Amazon S3 storage cloud is upping its security game, bringing easy server-side encryption to customer data.
All it takes to leverage the so-called Amazon S3 Server Side Encryption (SSE), according to the Amazon Web Services blog entry, is adding a request header when writing data to the S3 cloud. When the data is retrieved, decryption is automatic.
As for the security itself, here’s what Amazon has to say in that same blog entry:
Amazon S3 Server Side Encryption employs strong multi-factor encryption. Each object is encrypted with a unique key. As an additional safeguard, this key itself is encrypted with a regularly rotated master key. Amazon S3 Server Side Encryption uses one of the strongest block ciphers available — 256-bit Advanced Encryption Standard (AES-256) — to encrypt your data.
It’s a first for a public cloud storage provider of Amazon S3’s scale: ISVs including StorSimple brought a similar approach to cloud encryption to the Microsoft Windows Azure Storage platform earlier this year, but to TalkinCloud’s knowledge, this is the first baked-in implementation, and I’m sure it’ll garner some applause from the cloud ISV and service provider communities.
Needless to say, we’ll continue to keep an eye on the cloud storage market and Amazon Web Services as vendors attempt to meet their customers’ security needs.