Reply to post: Re: S3 bucket default is *private* to that account

Yet another AWS config fumble: Time Warner Cable exposes 4 million subscriber records


Re: S3 bucket default is *private* to that account

The big cloud vendors like AWS don't "declare themselves secure", they publish and are regularly audited on the security of their areas of responsibility, by dozens of regulatory bodies worldwide.

Cloud security *configuration* is much easier than on-prem, its easier to set a policy on an AWS VPC Security Group, or an Azure Vnet NSG than for instance on a checkpoint firewall, I know. I've done all 3.

Security *design* is just as important in cloud or legacy environments.

A good idiot can stuff up either, but given equal competence Cloud is more secure, because the cloud providers can build a better, more secure data centre than you can.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020