Category: Security, Identity, & Compliance

Enterprise users use AWS Backup for centralized data protection as part of a defense-in-depth architecture. Its features generally fulfill users’ data security and regulatory requirements, but there is demand for additional resiliency against ransomware incidents. Meeting the recovery objectives often involves creating multiple copies of data backups, developing and maintaining custom code for backup processes, […]

Data security is a top priority for customers using AWS cloud services. Based on customer input, AWS has “designed-in” methods enabling customers to automate common security workflows such as password rotation. The principals of this automation follows the AWS Well-Architected Framework which helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for a variety […]

Users of productivity software and collaboration services such as Microsoft 365 want to protect their data and often tell us that data durability is one of their highest priorities. With the recent increases in reported cyber incidents, increasing data resilience against threats such as ransomware and other events that may compromise data durability is key. […]

London Stock Exchange Group (LSEG) has 30 PB of Tick History-PCAP data, which is ultra-high-quality global market data that is based on raw exchange data, timestamped to the nanosecond. An additional 60 TB is generated every day. LSEG sought to migrate their data from Wasabi cloud storage, LSEG was looking for a new solution to […]

Certain organizations may experience unexpected or outlier cross-region data transfer charges and require time to identify which of their systems or workloads are initiating them. In such cases, it may be useful to temporarily block data transfers to within a particular region. This temporary restriction can prevent further unwanted charges and allows time for audit […]

Update (7/12/2024): Post updated to clarify that you must use a fully qualified Amazon Resource Name (ARN) when specifying your customer managed KMS keys. Some organizations have requirements to manage their own data encryption keys, both in general and during data transfer processes. In addition, when considering data transfer solutions (not just for encrypted data), […]

In highly regulated industries, securely exchanging files business-to-business is a crucial business practice. When building out a Managed File Transfer (MFT) environment, it is common to consider using a third-party identity solution for authenticating users. This approach offers simplicity for businesses that already use an identity service, allowing them to maintain identities for a variety […]

Storing multiple copies of data is often an enterprise data protection best practice and a critical part of backup and recovery solutions. The ability to quickly recover or restore data – often from backup copies in cost-effective archive storage – is critical to minimizing potential downtime or operational disruptions in disaster recovery (DR) scenarios such […]

Note: This is a more in-depth follow-on post from our high-level, introductory blog on IAM Access Analyzer for S3. Organizations generate, use, and store more data today than ever before. With securing data a top priority, many enterprises focus on implementing the principle of least privilege access, or limiting users to the minimum necessary access […]

Financial services customers that are regulated by the U.S. Securities and Exchange Commission (SEC) are required by regulations (17 CFR § 240.17a-4 and 17 CFR § 240.18a-6, or, briefly, “17a-4” and “18a-6”) to store their electronic books and records under certain protective measures. Both 17a-4 and 18a-6 require the ability to retrieve the original, unmodified […]