My TechDecisions

IT Infrastructure, News

Amazon S3 Will Now Encrypt Objects by Default

AWS has announced that Amazon S3 will encrypt all new objects by default and automatically apply server-side encryption for each new object.

Leave a Comment

AWS S3
stock.adobe.com/Sundry Photography

AWS has announced that Amazon S3 will encrypt all new objects by default and automatically apply server-side encryption for each new object unless specified otherwise.

Server side encryption (SSE) for Amazon’s Simple Storage Service (Amazon S3) was first introduced in 2011, with users given the ability to request encrypted storage when storing a new object or copying an existing object.

Encryption by default puts another security best practice into effect automatically and the change has no impact on performance, according to AWS. No user action is needed, and S3 buckets that do not use default encryption will now automatically apply SSE-S3 as the default setting.

However, users can choose one of three encryption options: the new default SSE-S3 setting, customer-provided encryption keys or AWS Key Management Service keys.

“To have an additional layer of encryption, you might also encrypt objects on the client side, using client libraries such as the Amazon S3 encryption client,” the company says in a blog post.

Previously, opting in to SSE-S3 meant that users had to certain that it was always configured on new buckets and verify that it remained configured property over time. For organizations that require all objects to remain encrypted at rest with SSE-S3, this update helps meet those compliance requirements without any additional effort, the company says.

“With today’s announcement, we have now made it ‘zero click’ for you to apply this base level of encryption on every S3 bucket,” the company says.

The change is visible in AWS CloudTrail data event logs, and users can also see changes in the S3 section of the  AWS Management ConsoleAmazon S3 InventoryAmazon S3 Storage Lens, and as an additional header in the AWS CLI and in the AWS SDKs over the next few weeks.

To verify the change, users can configure CloudTrail to log data events.

Read AWS’ blog for more information.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ