We are excited to announce that starting today we're offering Server Side Encryption support for Amazon S3. Amazon S3 Server Side Encryption (SSE) enables you to easily encrypt data stored at rest in Amazon S3. Using Amazon S3 SSE, you can encrypt data simply by adding an additional request header when writing the object to Amazon S3. Decryption happens automatically when data is retrieved.
Amazon S3 Server Side Encryption employs strong multi-factor encryption. Each object is encrypted with a unique key. As an additional safeguard, this key itself is encrypted with a regularly rotated master key. Amazon S3 Server Side Encryption uses one of the strongest block ciphers available -- 256-bit Advanced Encryption Standard (AES-256) -- to encrypt your data.
You can start using Amazon S3 Server Side Encryption today through the AWS Management Console and the Amazon S3 API.
To learn more about Amazon S3 Server Side Encryption, please refer to the topic on Using Server Side Encryption in the Amazon S3 Developer Guide. To learn more about how Amazon S3 provides protection for your data, please refer to http://aws.amazon.com/s3/#protecting.