10 S3 Best Practices for Improving AWS Security

by Hannah Grace Holladay / April 12, 2023

The Amazon Simple Storage Service (Amazon S3) celebrated its 15th birthday in 2021. S3 was conceived as a straightforward scalable object storage system developers could use without concerning themselves with file systems—everything on S3 is an addressable object in a bucket. S3 quickly rose to dominate the object storage space. Because it is used everywhere, AWS S3 security as well as the privacy and confidentiality of the data businesses store…

Testing MFA Controls: Learning from the CISA Cybersecurity Advisory

by Hannah Grace Holladay / June 14, 2023

You thought you did everything right. You enabled multi-factor authentication (MFA) on all of your accounts and configured it so that all employees and customers are required to use it. You have automated checks set up to make sure MFA is still required. And yet you still experience a data breach. This is exactly what happened to the non-governmental organization (NGO) described in the Federal Bureau of Investigation (FBI) and…

How to Prevent Ransomware

by Hannah Grace Holladay / June 14, 2023

Ransomware is perhaps the most disruptive and infuriating security threat facing businesses in 2022. A ransomware infection is a symptom of an information and infrastructure security failure that may hurt a business’s reputation and pose a compliance risk. Ransomware not only deprives a business of data essential to its operations; it also forces business leaders to decide whether to pay off criminals—an action that has ethical, financial, and legal implications.…

6 Steps to Prevent Data Breaches

by Hannah Grace Holladay / June 14, 2023

As we enter a new year, it’s traditional to look back at the successes and failures of the last twelve months. The information security world is no different, and as the year draws to a close, information security writers publish a flurry of articles with titles like The Top Data Breaches of 2021 and The Top 5 Scariest Data Breaches in 2021. They are sobering reading: each listicle entry represents…

How to Achieve PCI DSS Compliance on AWS

by Hannah Grace Holladay / February 15, 2023

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard merchants and service providers must comply with if they store, process, or transmit cardholder data. PCI DSS includes over 400 information security requirements, including requirements that apply to cloud infrastructure such as Amazon Web Services (AWS). Organizations that use AWS to store and process credit card data must ensure their cloud infrastructure is compliant. But maintaining…