Update Articles “buck-et-up-secure-your-aws-s3-buckets-now”

content/newsroom/articles/buck-et-up-secure-your-aws-s3-buckets-now.en.md

@@ -1,43 +1,43 @@
 ---
 title: Buck-et up! Secure your AWS S3 Buckets now!
-date: 2024-07-31T14:43:00.000Z
+date: 2024-07-31T16:43
 tag: news
-intro: "1.5 million files stored unprotected on the public internet, does this
-  still happen? Unfortunately, yes, it still happens. Despite our familiarity
-  with security policies, controls, and best practices. In this article, you can
-  read how you can secure your AWS S3 buckets and why it is important to do it.
-  "
+intro: 1.5 million files stored unprotected on the public internet, does this still happen? Unfortunately, yes, it still happens. Despite our familiarity with security policies, controls, and best practices. In this article, you can read how you can secure your AWS S3 buckets and why it is important to do it.
+Alt tag for image: ""
 faq_enabled: false
 faq:
   title: faq
+  opener: ""
+  intro: ""
+  url: ""
 ---
-*In 2022, a group of security researchers discovered a misconfigured Amazon S3 bucket exposing 3TB of data. We are not talking about random bits and bytes, but among those [1.5 million unprotected files](https://www.skyhighsecurity.com/about/resources/intelligence-digest/unsecured-servers-can-put-lives-at-stake.html?eid=evpxmdrt&smcid=lnp&utm_source=linkedin&utm_medium=paidsocial&utm_campaign=skyhighsecuritybrandlaunch_jp&utm_content=plane&utm_term=q4_2022) were airport employee records, ID card photos, and personally identifiable information (PII) including names, photos, occupations, and national ID numbers dating back to [at least 2018](https://www.safetydetectives.com/news/securitas-leak-report/). Other information that could be extracted was in the form of Android mobile apps that are used by security personnel to help with various tasks, such as incident reporting. According to [SafetyDetectives](https://www.safetydetectives.com/news/securitas-leak-report/), the Amazon S3 bucket was left open and accessible, without any authentication procedures in place.* 
+*In 2022, a group of security researchers discovered a misconfigured Amazon S3 bucket exposing 3TB of data. We are not talking about random bits and bytes, but among those [1.5 million unprotected files](https://www.skyhighsecurity.com/about/resources/intelligence-digest/unsecured-servers-can-put-lives-at-stake.html?eid=evpxmdrt&smcid=lnp&utm_source=linkedin&utm_medium=paidsocial&utm_campaign=skyhighsecuritybrandlaunch_jp&utm_content=plane&utm_term=q4_2022) were airport employee records, ID card photos, and personally identifiable information (PII) including names, photos, occupations, and national ID numbers dating back to [at least 2018](https://www.safetydetectives.com/news/securitas-leak-report/). Other information that could be extracted was in the form of Android mobile apps that are used by security personnel to help with various tasks, such as incident reporting. According to [SafetyDetectives](https://www.safetydetectives.com/news/securitas-leak-report/), the Amazon S3 bucket was left open and accessible, without any authentication procedures in place.*
 
-In this article, you can read how you can secure your AWS buckets and why it is important to do it. 
+In this article, you can read how you can secure your AWS buckets and why it is important to do it.
 
 ## What is an AWS S3 bucket?
 
-An AWS S3 bucket is essentially a container in the cloud where you can store and manage data, such as photos, videos, documents, backups, and more. AWS Stands for Amazon Web Services, and S3 stands for Simple Storage Service. 
+An AWS S3 bucket is essentially a container in the cloud where you can store and manage data, such as photos, videos, documents, backups, and more. AWS Stands for Amazon Web Services, and S3 stands for Simple Storage Service.
 
-Each S3 bucket can hold a virtually unlimited number of objects. You probably would not like everyone to be able to view, modify, copy or delete your data, so you create access policies and controls to secure it. Without access policies, an AWS S3 bucket is considered "publicly accessible". This means that its permissions allow any user on the internet to view and download its contents. 
+Each S3 bucket can hold a virtually unlimited number of objects. You probably would not like everyone to be able to view, modify, copy or delete your data, so you create access policies and controls to secure it. Without access policies, an AWS S3 bucket is considered "publicly accessible". This means that its permissions allow any user on the internet to view and download its contents.
 
-When an S3 bucket is visible to everyone on the public internet when it shouldn’t be, it’s called a misconfiguration. Such misconfigurations can turn a private repository of sensitive data into a goldmine for cybercriminals. So, what happens if you accidentally forget to secure your AWS S3 bucket? 
+When an S3 bucket is visible to everyone on the public internet when it shouldn’t be, it’s called a misconfiguration. Such misconfigurations can turn a private repository of sensitive data into a goldmine for cybercriminals. So, what happens if you accidentally forget to secure your AWS S3 bucket?
 
 ## Risks and consequences of misconfigured buckets
 
 If an S3 bucket is left publicly accessible, anyone can access the data inside. When cybercriminals gain access to confidential or sensitive information, it results in a data breach. This is one of the most severe and likely consequences of an exposed S3 bucket. Depending on the data stored, a data breach can lead to reputational damage, regulatory penalties, and intellectual property theft. In the worst cases, it can also result in identity theft, financial loss, and competitive disadvantages. Cybercriminals can also use the stolen data to threaten to release this data unless a ransom is paid. Getting blackmailed can be perceived as humiliating, and is harmful to the victim’s reputation and trust relationships.
 
 ### ☢️ Reputation damage
 
-If the data in your misconfigured S3 bucket contained sensitive data such as customer personal information, financial data, health records, or intellectual property, your organisation can suffer significant reputational harm. The news of the data breach spreads quickly online, damaging customer trust and potentially leading to loss of business. This is because people generally don’t like to store sensitive data, such as personal health records or credit card numbers, with a company that has previously taken the protection of other people’s data for granted. In a world where data privacy is crucial, failing to secure an S3 bucket can have long-lasting effects on a company’s reputation. 
+If the data in your misconfigured S3 bucket contained sensitive data such as customer personal information, financial data, health records, or intellectual property, your organisation can suffer significant reputational harm. The news of the data breach spreads quickly online, damaging customer trust and potentially leading to loss of business. This is because people generally don’t like to store sensitive data, such as personal health records or credit card numbers, with a company that has previously taken the protection of other people’s data for granted. In a world where data privacy is crucial, failing to secure an S3 bucket can have long-lasting effects on a company’s reputation.
 
 ### ☢️ Regulatory penalties
 
 In addition to reputational damage, failing to comply with laws and regulations can have serious consequences. Many regions, such as Europe with the GDPR and California with the CCPA, have stringent data protection regulations. Exposing sensitive data can lead to hefty fines and legal actions, adding a financial burden to the already significant repercussions of a data breach.
 
 ### ☢️ Intellectual Property theft
 
-For organisations, especially those in tech and creative industries, intellectual property is a valuable asset. Accidentally exposing source code, designs, or proprietary processes can enable competitors to steal or replicate innovative solutions, undermining your company’s competitive edge. 
+For organisations, especially those in tech and creative industries, intellectual property is a valuable asset. Accidentally exposing source code, designs, or proprietary processes can enable competitors to steal or replicate innovative solutions, undermining your company’s competitive edge.
 
 ### ☢️ Using property theft to advance the attack ever further
 
@@ -49,18 +49,18 @@ It’s clear that a data breach is one of the last things you want to happen in
 
 ### ✅ Implement least privilege access
 
-Implement least privilege access by giving users and applications only the permissions they need to perform their task(s). Regularly review and adjust permissions to avoid over-privileged access and remove permissions when the user or application no longer needs it. Disable public access to your S3 buckets if it is not strictly necessary. 
+Implement least privilege access by giving users and applications only the permissions they need to perform their task(s). Regularly review and adjust permissions to avoid over-privileged access and remove permissions when the user or application no longer needs it. Disable public access to your S3 buckets if it is not strictly necessary.
 
-### ✅ Configure bucket policies and access control lists (ACLs)
+### ✅ Control ownership of objects and disable ACLs for your bucket 
 
-Use [AWS IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) for granular permission management, and clearly define who can access the data and what actions they can perform. Avoid public-read or public-write permissions unless absolutely necessary. If public access is necessary, limit it to the minimum and monitor it closely. 
+Use [AWS IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) for granular permission management, and clearly define who can access the data and what actions they can perform. Avoid public-read or public-write permissions unless absolutely necessary. If public access is necessary, limit it to the minimum and monitor it closely. Keep access control lists (ACLs) disabled by applying the "[Bucket owner enforced](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html)" setting and using your bucket policy to share data with external users as needed.
 
 ### ✅ Enable logging and monitoring
 
 Activate logging and monitoring features like AWS CloudTrail and Amazon S3 server access logging. These tools help you track access and changes to your S3 buckets, allowing you to detect and respond to suspicious activities quickly. Review both options here:
 
-* [Logging requests with server access logging](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html)
-* [Logging Amazon S3 API calls using AWS CloudTrail](https://docs.aws.amazon.com/AmazonS3/latest/userguide/cloudtrail-logging.html)
+- [Logging requests with server access logging](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html)
+- [Logging Amazon S3 API calls using AWS CloudTrail](https://docs.aws.amazon.com/AmazonS3/latest/userguide/cloudtrail-logging.html)
 
 ### ✅ Encrypt your data at rest and in transit
 
@@ -72,6 +72,6 @@ Regular security audits can be used to identify and remediate potential vulnerab
 
 ### ✅ Proactively search for vulnerabilities or vulnerable systems
 
-Proactively detect the presence of sensitive data with [Amazon Macie](https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html). Amazon Macie uses machine learning and pattern matching to provide visibility into data security risks, and enables automated protection against those risks. 
+Proactively detect the presence of sensitive data with [Amazon Macie](https://docs.aws.amazon.com/macie/latest/user/what-is-macie.html). Amazon Macie uses machine learning and pattern matching to provide visibility into data security risks, and enables automated protection against those risks.
 
 ✨ By following these steps, you can significantly enhance the security of your S3 buckets and protect your data from unauthorised access and potential breaches. If you happen to forget to secure your S3 bucket, let’s hope & pray that one of DIVD’s finest finds the misconfiguration and reports it to your organisation as soon as it’s discovered!

content/newsroom/articles/buck-et-up-secure-your-aws-s3-buckets-now.nl.md

@@ -1,3 +1,10 @@
 ---
+title: Buck-et up! Beveilig nu uw AWS S3 Buckets!
 date: 2024-07-31T14:28:00.000Z
+intro: 1,5 miljoen bestanden onbeveiligd opgeslagen op het openbare internet, gebeurt dit nog steeds? Helaas, ja, het gebeurt nog steeds. Ondanks onze bekendheid met beveiligingsbeleid, controles en best practices. In dit artikel lees je hoe je je AWS S3 buckets kunt beveiligen en waarom het belangrijk is om dit te doen.
 ---
+In 2022 ontdekte een groep beveiligingsonderzoekers een verkeerd geconfigureerde Amazon S3-bucket waardoor 3 TB aan gegevens werd blootgelegd. We hebben het hier niet over willekeurige bits en bytes, maar onder die 1,5 miljoen onbeveiligde bestanden bevonden zich gegevens van luchthavenmedewerkers, foto's van ID-kaarten en persoonlijk identificeerbare informatie (PII), waaronder namen, foto's, beroepen en nationale ID-nummers die teruggingen tot ten minste 2018. Andere informatie die kon worden achterhaald was in de vorm van mobiele Android-apps die worden gebruikt door beveiligingspersoneel om te helpen bij verschillende taken, zoals het melden van incidenten. Volgens SafetyDetectives werd de Amazon S3 bucket open en toegankelijk gelaten, zonder verificatieprocedures.
+
+In dit artikel lees je hoe je je AWS-buckets kunt beveiligen en waarom het belangrijk is om dat te doen.
+
+Vertaald met DeepL.com (gratis versie)