Amazon encrypts S3 data

January 20, 2023

Amazon has made encryption the default setting for its Simple Storage Service (S3), a cloud storage service provided by Amazon Web Services (AWS).

The S3 service automatically encrypts data at rest with 256-bit keys using the Advanced Encryption Standard (AES) algorithm. This means that all data stored in an S3 bucket is automatically encrypted, adding an extra layer of protection to the data. Additionally, users can encrypt data using their own encryption keys (SSE-C) or bring their own encryption keys (SSE-KMS, SSE-S3). This feature assists customers in meeting data privacy and regulatory requirements, as well as securing sensitive data in the cloud.

Since January 5, the S3 platform has encrypted by default all new objects added to buckets, using server-side encryption (SSE-S3) with 256-bit AES for each new object, unless the user specifies a different encryption option. This change is now in effect across all AWS Regions.

Server-side encryption (SSE) of data at rest is supported by Amazon S3, which means that data stored in an S3 bucket is automatically encrypted before it is written to disk and decrypted when it is read. S3 supports the following encryption methods for data at rest.

In SSE-S3, Amazon S3 manages the encryption and decryption process for the user, and manages and protects the keys. In SSE-KMS, Amazon S3 uses the AWS Key Management Service (KMS) to manage the encryption and decryption process; the user has complete control over the encryption keys and has the ability to audit and manage their use. In SSE-C, the user supplies their own encryption keys, which Amazon S3 uses to encrypt and decrypt data; the user is in charge of managing and safeguarding the encryption keys.

S3 also supports client-side encryption, which allows the user to encrypt data locally before uploading it to an S3 bucket. Overall, S3 encryption adds another layer of security to data stored in the cloud and assists customers in meeting data privacy and regulatory requirements.
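To make the three server-side modes concrete, the following added example (not from the original article or from AWS) builds the S3 request headers that select each mode on upload and classifies an object from the headers S3 returns. The function names and the sample values are constructed for illustration.

```python
import base64
import hashlib
import os

PREFIX = "x-amz-server-side-encryption"

def sse_request_headers(mode, kms_key_id=None, customer_key=None):
    """Return the S3 request headers that select an encryption mode for an upload."""
    if mode == "SSE-S3":
        # S3-managed keys: what S3 applies when the request names no option.
        return {PREFIX: "AES256"}
    if mode == "SSE-KMS":
        headers = {PREFIX: "aws:kms"}
        if kms_key_id:  # if omitted, the AWS managed KMS key for S3 is used
            headers[PREFIX + "-aws-kms-key-id"] = kms_key_id
        return headers
    if mode == "SSE-C":
        if customer_key is None or len(customer_key) != 32:
            raise ValueError("SSE-C requires a 256-bit (32-byte) key")
        # S3 does not store this key: it must accompany every read and write.
        # The MD5 digest is a transport integrity check on the key itself.
        digest = hashlib.md5(customer_key).digest()
        return {
            PREFIX + "-customer-algorithm": "AES256",
            PREFIX + "-customer-key": base64.b64encode(customer_key).decode(),
            PREFIX + "-customer-key-MD5": base64.b64encode(digest).decode(),
        }
    raise ValueError(f"unknown mode: {mode}")

def classify_object(response_headers):
    """Name the encryption mode from the headers S3 returns for an object."""
    h = {k.lower(): v for k, v in response_headers.items()}
    if PREFIX + "-customer-algorithm" in h:
        return "SSE-C"
    value = h.get(PREFIX)
    if value == "AES256":
        return "SSE-S3"
    if value and value.startswith("aws:kms"):
        return "SSE-KMS"
    # No SSE header, e.g. an object stored before the default took effect.
    return "unencrypted"

if __name__ == "__main__":
    sample_key = os.urandom(32)  # constructed key, for illustration only
    for mode in ("SSE-S3", "SSE-KMS", "SSE-C"):
        hdrs = sse_request_headers(mode, customer_key=sample_key)
        print(mode, sorted(hdrs), "->", classify_object(hdrs))
    print(classify_object({"Content-Length": "10"}))  # constructed legacy object
```

Because the default applies only to new objects, the "unencrypted" result is the case worth auditing for in older buckets.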

The sources for this piece include an article in TheRegister.


Jim Love

Jim is an author and podcast host with over 40 years in technology.
