AWS to Scan for Misconfigured Servers
One of the most significant security breaches in the past months was that of Capital One, a result of a poorly configured Amazon Web Services (AWS) server. While AWS was not to blame for the incident, a cursory inspection of companies running AWS servers showed that a large number of them displayed similar problems in their configuration. AWS has repeatedly stated their dedication to providing services, to customers but allowing them to set their servers up as they see fit.
Capital one’s statement about the attack mentioned that the problem occurred because of the exploitation of a misconfigured firewall for web applications. The attacker then further exploited permissions that Capital One had installed within their systems. Amazon mentioned that they offer guidance for both installation of firewalls as well as establishing permissions on their AWS servers to allow their clients to utilize the company’s services while securing the client’s data.
Amazon Taking a More Proactive Approach
The Capital One breach has cast a shadow over AWS as an enterprise provider, and many companies are concerned as to whether Amazon’s service can protect their data. There is no dispute that the most recent breaches of cloud servers are a direct result of inadequate setup by the organization. However, there is a disturbing trend for these client organization to make the same mistakes that lead to data breaches. Amazon intends to deal with this problem by acting pre-emptively to discover errors in the configuration of firewalls or token handling.
By scanning information transferred across the cloud, AWS intends to use similar technology to Github to detect if any vital information (such as SSH keys or credentials) are included within the AWS code. If caught, Amazon then informs the customer and advises them to alert the client involved and deal with the issue. The AWS cloud remains secure, but the proactive action that AWS is taken relates directly to organizations that may have problems setting up and maintaining security on their cloud server installations.
