Amazon says customers have to secure own data

By Jack Stubbs

Amazon's cloud computing customers have to decide themselves how best to protect sensitive information online, a senior executive said on Tuesday, following accusations by U.S. lawmakers that the web giant has not done enough to secure data on its servers.

Amazon Web Services (AWS), the cloud computing arm of, has come under fire following a series of high-profile data breaches, including one this year involving the personal information of 106 million people stored on its servers by Capital One Financial Corp.

Chief Technology Officer Werner Vogels said AWS provided multiple services to help customers identify if their data was being stored appropriately and flag any possible problems, but the decision about which settings to use lay with those clients.

"We feel we have a responsibility in making sure you take the right actions, but in the end it's only you who can decide what is the right action there and what's not," he told Reuters on the sidelines of the Web Summit tech conference in Lisbon.

"I'm not going to look at your data thinking like 'hey, these are cat videos, maybe you shouldn't do that'." He added that customers should use tighter security controls for sensitive data such as credit card information.

Cybersecurity researchers say data hosted on AWS servers is often accidentally exposed due to mistakes made by the company's clients configuring their security settings.

The alleged Capital One hacker, for example, was able to access the firm's data due to a wrongly-configured web application firewall, U.S. prosecutors have said.

Analysts at Gartner predict client mistakes will account for 99 percent of "cloud security failures" over the next six years.

Vogels said the AWS system warned customers with a "massive red button" when they configured online storage containers - known as buckets - to be accessible by anyone online, a setting deliberately chosen for some products and applications.

The company also provides tools which clients can run to analyse the type of data they are storing and spot commonly associated slip-ups, he said.

"If you (change) the configuration on your bucket to world-readable, you will get lots of alarm bells going off," he said. "It's up to the individual customer to decide what's right and what's wrong."

© (c) Copyright Thomson Reuters 2019.

©2019 GPlusMedia Inc.

Login to comment

People who don't know anything about network or computer security shouldn't use cloudy IaaS services. Stick with the fully hosted solutions or keep your sensitive data inside locations and networks that you do fully control and understand.

Amazon is right.

0 ( +1 / -1 )

"If you (change) the configuration on your bucket to world-readable, you will get lots of alarm bells going off," he said. "It's up to the individual customer to decide what's right and what's wrong."

While I agree security should be up to clients, I think AWS could make their buckets easier to manage. Why not quite separate classes of storage buckets, so that when creating a storage bucket that is intended to be secure and not world-readable, it can never be changed after the fact? In the past, it was all too easy to change security settings later. (I'm not up to date on their current implementations.)

-1 ( +1 / -2 )

Why can't Facebook take this approach with speech and pictures? "It's up to the users to determine what is appropriate to post." The Congressional committee he stood before would have been gnashing and wailing at that.

-1 ( +1 / -2 )

When you hand over your valuables to someone to look after, how well do you trust them ? And how well do you think they're going to take care of your valuables to avoid theft ? And what compensation will you get if the unimaginable happens, and your valuables are taken ?

Now replace valuables with "data" ....

0 ( +0 / -0 )

Login to leave a comment

Facebook users

Use your Facebook account to login or register with JapanToday. By doing so, you will also receive an email inviting you to receive our news alerts.

Facebook Connect

Login with your JapanToday account

User registration

Articles, Offers & Useful Resources

A mix of what's trending on our other sites