Category: Security, Identity, & Compliance

Note: This is a more in-depth follow-on post from our high-level, introductory blog on IAM Access Analyzer for S3. Organizations generate, use, and store more data today than ever before. With securing data a top priority, many enterprises focus on implementing the principle of least privilege access, or limiting users to the minimum necessary access […]

Financial services customers that are regulated by the U.S. Securities and Exchange Commission (SEC) are required by regulations (17 CFR § 240.17a-4 and 17 CFR § 240.18a-6, or, briefly, “17a-4” and “18a-6”) to store their electronic books and records under certain protective measures. Both 17a-4 and 18a-6 require the ability to retrieve the original, unmodified […]

Organizations often need to store and serve various types of static content, such as data sets, archives, and file repositories, on the web. This content is typically accessed by end-users for research and analysis purposes or general content distribution. However, presenting this content in a user-friendly and easily browsable manner can be a significant challenge, […]

Architecting secure data transfer workloads is critical for today’s businesses. Customers need to be sure that each end user can only access the minimally appropriate set of files and folders once authenticated to AWS Transfer Family. There are multiple Identity and Access Management (IAM) roles necessary when designing these authentication and access controls, and customers […]

Organizations continue to grow their data lakes in the cloud as they build out new and innovative analytics, machine-learning, and generative AI workloads. At the same time, these workloads often access data that requires compliance with stringent data security and privacy standards. These compliance frameworks typically specify additional requirements for encryption at-rest, which leads customers […]

Over time, Enterprises may need to undertake operations or make modifications to their data as part of general data management, to address changing business needs, or to comply with evolving data-management regulations and best practices. As datasets being generated, stored, and analyzed continue to grow exponentially, the need for simplified, scalable, and reproduceable data management […]

Disaster recovery (DR) and business continuity planning (BCP) are critical activities for any organization. During DR operations, after workloads are restored in the DR site, there are a series of steps and activities, such as application configurations and validations, that must be properly orchestrated and coordinated among many teams and functions in order to ensure […]

Data, the lifeblood of any modern organization, is rarely static. For high-performance applications and workloads, enterprises need the ability to run operations on massive amounts of data, including modifying the data as is necessary for each use case, to further accelerate processing. This could include modifying uploaded images with a watermark, changing the bitrate of […]

Highly regulated industries, such as finance, healthcare and government, need to exchange business to business files securely. Common protocols like SFTP provide a broadly-supported, standard method for moving files securely across public networks. For some customers, compliance requirements drive a higher bar for their SFTP authentication. To meet more stringent compliance requirements, aside from controlling […]

This post is Part 2 of a two-part blog post series that will take you, an application developer, through the process of configuring and developing a data application that authenticates users with Microsoft Entra ID and then uses S3 Access Grants to access data on those users’ behalf. Part 1 of this series gave an […]