AWS Storage Gateway enhances security by introducing access-based enumeration for File Gateway

Posted on: Nov 9, 2020

AWS Storage Gateway introduces access-based enumeration for File Gateway, which helps you protect sensitive information by preventing users from seeing SMB file shares, folders, and files that they would not be able to open based on their access permissions.

With this launch, you can now make all SMB file shares on a gateway visible to users, and filter the display of folders and files within a file share based on user permissions. This capability helps you protect sensitive information that could be visible in the names of folders or files that users do not have permission to open. In addition, it provides users with a simplified view of folder structures by only displaying the folders and files they can access.

Storage Gateway is a hybrid cloud storage service that provides on-premises applications access to virtually unlimited cloud storage using NFS, SMB, iSCSI, and iSCSI-VTL interfaces through file, tape, and volume gateways. You can use the service for backing up and archiving data to AWS, providing on-premises file shares backed by cloud storage, and providing on-premises applications low-latency access to in-cloud data.

These capabilities are available on new gateways starting today in every Region where AWS Storage Gateway is available. For existing gateways, this new capability will be made available during the next scheduled software update. To learn more, visit the AWS Storage Gateway User Guide. Access the Storage Gateway console to get started.