Up until this week, users of Amazon’s S3 storage had to rely on Amazon Web Services to provide and manage their server-side encryption keys.
Now those users can instead opt to supply their own keys and manage them on site themselves or use Amazon’s Cloud HSM dedicated hardware to manage them. Or they can just continue to let Amazon manage the keys in its cloud, according to the AWS Blog.
This is a step forward, but users still need to be vigilant. Most security experts recommend that users encrypt their own files locally before uploading them, said David Mytton, CEO of Server Density.
In other Amazon encryption news, controversy erupted earlier this week over Amazon’s continued use of TrueCrypt encryption for files moving into and out of S3 storage after TrueCrypt itself was shut down a few weeks ago by its creators, citing security concerns.
Update: An AWS spokewoman later noted that AWS Import/Export is the only AWS service that uses TrueCrypt. “AWS is aware of the statement on the TrueCrypt website and contines to monitor it closely,” she said via email.
This story was updated at 7:57 p.m. PST with Amazon comment on TrueCrypt.
Image copyright Thinkstock.
Related research and analysis from Gigaom Research:
Subscriber content. Sign up for a free trial.
- Highlights from AWS re:Invent 2013
- How to resolve cloud migration challenges in physical and virtual applications
- Sponsored Research: How direct-access solutions can speed up cloud adoption
More From paidContent.org