AWS Security Blog

Tag: Encryption

AWS CloudHSM Is Now Integrated with Amazon RDS for Oracle and Provides Enhanced Management Tools

AWS CloudHSM is now integrated with Amazon RDS for Oracle. With this new capability, you can let AWS operate your Oracle databases while maintaining control of the master encryption keys. The AWS CloudHSM service helps you meet compliance requirements for data security by making dedicated, single-tenant Hardware Security Module (HSM) appliances available within the AWS […]

Read More

Amazon RDS Now Supports Encryption via AWS Key Management Service

Today, Amazon RDS for MySQL and PostgreSQL released support for database encryption using AWS Key Management Service (KMS). This feature addresses a common request from customers who have asked for an easy way to encrypt data in these RDS database types. When you create a new MySQL or PostgreSQL database instance, you can choose to […]

Read More

Amazon Elastic Transcoder Now Supports Media File Encryption

AWS Key Management Service (KMS) now supports a new AWS service in addition to Amazon S3, Amazon EBS, and Amazon Redshift. This week Amazon Elastic Transcoder released support for encryption of media assets using AWS KMS. Specifically, you can upload encrypted mezzanine files, thumbnails, captions and watermarks to Amazon Elastic Transcoder and allow the service to […]

Read More

A New Way to Encrypt Your Data and Manage Encryption Keys Using AWS Key Management Service

Today, we’re excited to announce AWS Key Management Service (KMS) a new service that gives you control and visibility over the encryption keys that protect your data, with strong security and audit controls. AWS KMS is integrated with other AWS services including Amazon EBS, Amazon S3, and Amazon Redshift to simplify encryption of your data within those […]

Read More

Benefits of a Key Hierarchy with a Master Key (Part Two of the AWS CloudHSM Series)

Previously, Todd Cignetti, AWS Security Product Manager, wrote a post that covered some typical use cases for AWS CloudHSM, a service that helps you securely generate, store, and manage the cryptographic keys used for data encryption such that they are accessible only by you. In this post, Todd continues the series on AWS CloudHSM with […]

Read More

Some AWS SDKs Security Features You Should Know About

The AWS SDK team recently added and documented some security-related features that we think you shouldn’t miss. Check these out! Updates for managing access keys in the .NET and Java SDKs. In Referencing Credentials using Profiles, blogger Norm Johanson describes how you can now put a credentials file in your user folder. This great security […]

Read More

Encryption for EBS Volumes Can Help You with Security and Compliance

On May 21, AWS launched encryption for EBS volumes, a frequently requested feature, which can help you meet stricter security and encryption compliance requirements. You can now create an encrypted EBS volume and attach it to an EC2 instance. Data on the volume, disk I/O, and snapshots created from the volume are all encrypted. The […]

Read More

Three Data-at-Rest Encryption Announcements

We’re excited to make three announcements around encryption of data at rest in AWS: We’ve published a new whitepaper: Securing Data at Rest with Encryption, which describes the various options for encrypting data at rest in AWS. It describes these options in terms of where encryption keys are stored and how access to those keys […]

Read More

AWS CloudHSM Use Cases (Part One of the AWS CloudHSM Series)

Many of our readers have told us that they want to learn more about encryption and key management in AWS. CloudHSM is an AWS service that can establish an even greater trust in AWS from which encryption and key management applications can be anchored. If you’re not familiar with AWS CloudHSM, you can read more […]

Read More

Encrypting Data in Amazon S3

Readers have expressed interest in learning more about encryption and key management for protecting data stored in AWS. Amazon Simple Storage Service (S3) supports a server-side encryption feature where you can set a flag in the API or check a box in the AWS Management Console to automatically encrypt your data before it’s written to […]

Read More