Category: AWS Key Management Service

Many organizations have data governance strategies or compliance requirements that mandate their data be replicated and redundant across different management accounts and global regions. Moving encrypted data at scale can often take a few additional steps due to the need to decrypt and re-encrypt objects as part of the replication process. Amazon Simple Storage Service […]

Keeping data secure and usable in unforeseen circumstances like accidental breaches, human error, and hacking is critical to business continuity and success. To effectively mitigate the impact of these events on business-critical assets, one of the recommended strategies is creating immutable, unchangeable copies of those assets and storing them in isolated, secondary accounts with restricted […]

Keeping data secure and usable in unforeseen circumstances like accidental breaches, human error, and hacking is critical to business continuity and success. To effectively mitigate the impact of these events on business-critical assets, one of the recommended strategies is creating immutable, unchangeable copies of those assets and storing them in isolated, secondary accounts with restricted […]

Encrypting data at rest fulfills compliance and security standards while providing an extra layer of defense to protect against unauthorized access. As organizations scale, it is critical to develop standardize encryption to minimize the administrative burden of managing encryption keys. Organizations that lack encryption standardization may find themselves unable to access critical data when required. […]

As companies shift high-performance workloads toward cloud solutions, data storage and data protection go side-by-side. Many companies have both internal and external security rules and regulations they must adhere to when storing their data. Amazon FSx for Lustre offers fully managed, scalable file systems for fast-processing workloads, providing secure, shared access to your users. In […]

Organizations are looking for solutions to protect their valuable data against ransomware attacks, natural disasters, and operational errors. Many of these organizations operate in regulated industries and must maintain data long-term to meet compliance obligations and business continuity goals. In AWS, customers can accomplish these goals by backing up mission-critical databases into centralized backup storage […]

As more organizations look to operate faster and at scale, they need ways to meet critical compliance requirements and improve data security. Encryption is a critical component of a defense in depth strategy, and when used correctly, can provide an additional layer of protection above basic access control. However, workloads that access millions or billions […]

Enterprises and organizations in more security-conscious industries often protect their data through encryption, restricting data access to those with the necessary permissions and improving their security posture. Creating backups of data resources is often another critical component of a secure and resilient architecture. Additionally, backing up encrypted data is also important, even across geographical regions […]

UPDATE: On April 12, 2021, AWS announced support for copying Amazon FSx file system backups across AWS Regions and AWS accounts. For more information, read this blog post on cross-Region and cross-account backups for Amazon FSx using AWS Backup. There are many benefits to using more than one AWS account, including resource and operational isolation, disaster […]

UPDATE: The screenshots of the Amazon DLM interface in this post were updated on 7/14/2021. Many customers have disaster recovery (DR) best practices that require them to copy their Amazon EBS snapshots to an isolated account in a different Region and encrypt those snapshots with a different key. In doing so, customers are able to […]