Amazon’s Cloud Faces Security Scandal
Companies using Amazon’s (NASDAQ:AMZN) popular cloud computing software were in for a shock when they found out that information they deemed “private” and “confidential,” was actually neither.
Earlier this week Bloomberg reported that Rapid7, a Boston-based security firm, released a report stating it found more than 126 billion files posted online belonging to customers of Amazon Simple Storage, or Amazon S3. Rapid7 analyzed over 40,000 of the files and deemed some of them contained sensitive data.
“Cloud hosting and cloud storage is all the rage, but there are still some common pitfalls that many organizations overlook,” Will Vandevanter, a Rapid7 researcher, wrote in a blog post.
According to Amazon, the unintended availability of the files was due to Amazon S3 clients disabling the default “private” setting, rather than any mishap of their program.
“Amazon S3 provides authentication mechanisms to secure data stored in Amazon S3 against unauthorized access,” Amazon said in a statement. “Unless the customer specifies otherwise, only the AWS account owner can access data uploaded to Amazon S3.”
Despite the fact that their customers committed the mistake, Amazon’s cloud service will come under scrutiny. If users of Amazon S3 become overly concerned with their privacy settings, they may ditch the service in favor of competitors. Microsoft (NASDAQ:MSFT) and Verizon (NYSE:VZ) provide just two of the many alternatives Amazon S3 users could turn to.
Rapid7 did note that Amazon had been “extremely responsive” to the S3 crisis. However, if they are not careful, they could lose market leadership in the cloud technologies business, a market that will surpass $130 billion in spending this year.
Don’t Miss: Will Amazon’s Outage Hurt Like Netflix’s?