Cybersecurity researchers say data hosted on AWS servers is often accidentally exposed due to mistakes made by the company's clients configuring their security settings.
Amazon's cloud computing customers have to decide themselves how best to protect sensitive information online, a senior executive said on Tuesday, following accusations by US lawmakers that the Web giant has not done enough to secure data on its servers. Amazon Web Services (AWS), the cloud computing arm of Amazon.com, has come under fire following a series of high-profile data breaches, including one this year involving the personal information of 106 million people stored on its servers by Capital One Financial.
Chief Technology Officer Werner Vogels said AWS provided multiple services to help customers identify if their data was being stored appropriately and flag any possible problems, but the decision about which settings to use lay with those clients.
"We feel we have a responsibility in making sure you take the right actions, but in the end it's only you who can decide what is the right action there and what's not," he told Reuters on the sidelines of the Web Summit tech conference in Lisbon.
"I'm not going to look at your data thinking like 'hey, these are cat videos, maybe you shouldn't do that'." He added that customers should use tighter security controls for sensitive data such as credit card information.
Cyber-security researchers say data hosted on AWS servers is often accidentally exposed due to mistakes made by the company's clients configuring their security settings.
The alleged Capital One hacker, for example, was able to access the firm's data due to a wrongly-configured Web application firewall, US prosecutors have said.
Analysts at Gartner predict client mistakes will account for 99 percent of "cloud security failures" over the next six years.
Vogels said the AWS system warned customers with a "massive red button" when they configured online storage containers - known as buckets - to be accessible by anyone online, a setting deliberately chosen for some products and applications.
The company also provides tools which clients can run to analyse the type of data they are storing and spot commonly associated slip-ups, he said.
"If you (change) the configuration on your bucket to world-readable, you will get lots of alarm bells going off," he said. "It's up to the individual customer to decide what's right and what's wrong."
© Thomson Reuters 2019
Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.