Tag: AWS Key Management Service (AWS KMS)

Enterprise users use AWS Backup for centralized data protection as part of a defense-in-depth architecture. Its features generally fulfill users’ data security and regulatory requirements, but there is demand for additional resiliency against ransomware incidents. Meeting the recovery objectives often involves creating multiple copies of data backups, developing and maintaining custom code for backup processes, […]

Update (7/12/2024): Post updated to clarify that you must use a fully qualified Amazon Resource Name (ARN) when specifying your customer managed KMS keys. Some organizations have requirements to manage their own data encryption keys, both in general and during data transfer processes. In addition, when considering data transfer solutions (not just for encrypted data), […]

The BMW Group (BMW) is a global manufacturer of premium automobiles and motorcycles, covering the brands BMW, BMW Motorrad, MINI, and Rolls-Royce. Since 2022, BMW has started using AWS to scale its capacity to handle vast increases in needed compute and storage capacity to build and test automated driving features, such as adaptive cruise control, […]

Orca Security, an AWS Partner, is an independent cybersecurity software provider whose agent-less cloud security environment is trusted by hundreds of enterprises globally. Orca makes cloud security simple for enterprises moving to and scaling with AWS with its patented SideScanning™ technology and Unified Data Model. Orca’s customers use Amazon Elastic Block Store (Amazon EBS) volumes […]

Customers across many industries face increasingly stringent audit and compliance requirements on data security and privacy. Certain compliance frameworks, such as FISMA, FEDRAMP, PCI DSS, and SOC 2, have specific regulatory standards for validating the security of systems. A common requirement for these compliance frameworks is more rigorous encryption standards for data-at-rest, where organizations must […]

Many organizations have data governance strategies or compliance requirements that mandate their data be replicated and redundant across different management accounts and global regions. Moving encrypted data at scale can often take a few additional steps due to the need to decrypt and re-encrypt objects as part of the replication process. Amazon Simple Storage Service […]

Update (12/11/2023): As of November 20, 2023, Amazon S3 supports enabling S3 Object Lock on existing buckets. Keeping data secure and usable in unforeseen circumstances like accidental breaches, human error, and hacking is critical to business continuity and success. To effectively mitigate the impact of these events on business-critical assets, one of the recommended strategies […]

Update (12/11/2023): As of November 20, 2023, Amazon S3 supports enabling S3 Object Lock on existing buckets. Keeping data secure and usable in unforeseen circumstances like accidental breaches, human error, and hacking is critical to business continuity and success. To effectively mitigate the impact of these events on business-critical assets, one of the recommended strategies […]

Encrypting data at rest fulfills compliance and security standards while providing an extra layer of defense to protect against unauthorized access. As organizations scale, it is critical to develop standardize encryption to minimize the administrative burden of managing encryption keys. Organizations that lack encryption standardization may find themselves unable to access critical data when required. […]

Mission critical workloads need advanced data services for data protection. Amazon Elastic Block Store (EBS) not only provides high-performance block-level storage volumes for Amazon Elastic Compute Cloud (EC2) instances, but also offers comprehensive and consistent data protection capabilities designed to protect data on block storage. Customers have been using Amazon EBS for over a decade […]