Get 40% Off
🤯 This Tech Portfolio is up 29% YTD! Join Now to Get April’s Top PicksGet The Picks – Just 99 USD

From cat videos to credit cards, Amazon says customers have to secure own data

Published 11/05/2019, 11:53 AM
Updated 11/05/2019, 11:55 AM
From cat videos to credit cards, Amazon says customers have to secure own data

From cat videos to credit cards, Amazon says customers have to secure own data

By Jack Stubbs

LISBON (Reuters) - Amazon's cloud computing customers have to decide themselves how best to protect sensitive information online, a senior executive said on Tuesday, following accusations by U.S. lawmakers that the web giant has not done enough to secure data on its servers.

Amazon Web Services (AWS), the cloud computing arm of Amazon.com (O:AMZN), has come under fire following a series of high-profile data breaches, including one this year involving the personal information of 106 million people stored on its servers by Capital One Financial Corp (N:COF).

Chief Technology Officer Werner Vogels said AWS provided multiple services to help customers identify if their data was being stored appropriately and flag any possible problems, but the decision about which settings to use lay with those clients.

"We feel we have a responsibility in making sure you take the right actions, but in the end it's only you who can decide what is the right action there and what's not," he told Reuters on the sidelines of the Web Summit tech conference in Lisbon.

"I'm not going to look at your data thinking like 'hey, these are cat videos, maybe you shouldn't do that'." He added that customers should use tighter security controls for sensitive data such as credit card information.

Cybersecurity researchers say data hosted on AWS servers is often accidentally exposed due to mistakes made by the company's clients configuring their security settings.

The alleged Capital One hacker, for example, was able to access the firm's data due to a wrongly-configured web application firewall, U.S. prosecutors have said.

Analysts at Gartner predict client mistakes will account for 99 percent of "cloud security failures" over the next six years.

Vogels said the AWS system warned customers with a "massive red button" when they configured online storage containers - known as buckets - to be accessible by anyone online, a setting deliberately chosen for some products and applications.

The company also provides tools which clients can run to analyze the type of data they are storing and spot commonly associated slip-ups, he said.

"If you (change) the configuration on your bucket to world-readable, you will get lots of alarm bells going off," he said. "It's up to the individual customer to decide what's right and what's wrong."

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.