AWS, or Amazon Web Services, is a popular cloud-hosting service due to its versatility and pricing. It has gained a reputation as one of the best cloud services on the market. As such, people have high expectations of AWS. That includes fast switches to a mirror server in an outage, fast response times to queries, and timely support. But there are some instances where the end user can’t blame AWS for a customer data leak even though it seems as if it’s the fault of AWS. The following are some of those instances and how to avoid them.
Compromised Accounts on the User End
In the event that an account with AWS access on the customer side gets compromised, AWS will not take responsibility for what happens. For example, an employee with access to AWS has their login information stolen. The thief then uses that login to get into AWS and look around, maybe even stealing something or leaving a mess behind. In this situation, the blame lies squarely with the person whose account got compromised. AWS can lock down the account, but it will not take responsibility for the damage done.
AWS views itself as a warehouse for customer information. It provides the lock and key to the warehouse but takes no responsibility for unauthorized access by an employee of the customer. It does take responsibility if its hardware goes down or one of its own employees does something they shouldn’t have.
Insecure Technology in the Office
Windows is the most commonly used operating system in offices across the country. Microsoft puts out regular updates for security patches so users don’t put themselves at risk of a hacker or virus getting into the system. Hackers are always evolving their methods, and Microsoft is always responding with updates to stay ahead of them. But Windows updates tend to happen at the worst possible moment, when someone is using the computer, and that leads users to turn off automatic updating. IT may not be aware that the user has turned off the updates, allowing the system to become vulnerable to an outside attack.
If a hacker gets into the AWS accounts because of a lack of security on the part of the user, AWS won’t take responsibility for what happens. And getting help from AWS is difficult, as the problem has nothing to do with it or its services. It is entirely up to the customer to make backups of all files and place them in a secure location where a hacker won’t think to look.
Unauthorized Employees Gained Access to AWS
This is very much in the same vein as a hack from the outside even though it involves an employee on the inside. AWS views the customer as having failed to take appropriate security measures to keep unauthorized users from getting access to an account. If nothing happened when that user gained access, everything is business as usual. But if that user made a mess and destroyed files, AWS will not help with recovering files.
Bugs in Software Exposing Sensitive Data
Cloudflare is a software company that operates a content delivery network, internet security services, and domain name servers. It would seem, on the surface at least, that a company that provides important services would make keeping things secure a priority, but for some reason, it overlooked a major bug that exposed sensitive data in plain text. That information was laid out in such a way that almost anyone could find usernames and passwords. Cloudflare is used as an example because it works with AWS as a security portal.
When someone hosts a website on AWS, they do so because the service is fast and reliable. Cloudflare is used to help balance user load so there’s no delay when a user calls up a website. Cloudflare also provides security against malicious attacks like denial of service (DoS) and SQL injection. AWS considers the service a third-party provider, which means AWS won’t take responsibility for any security breaches that were caused by Cloudflare. The same goes for any other third-party service.
Always make sure to back up important files so there’s more than one copy. It should be standard operating procedure, but many fail to take this step. Also, focus on keeping AWS account access locked down as tightly as possible to prevent an unauthorized user or hacker from getting login information. Making it a point to engage in active security measures greatly reduces the risk of a hack or accidental loss of data.