Subscribe

Amazon encrypts S3 data

January 20, 2023

Amazon has made encryption the default setting for all of its Simple Storage Service (S3) is a cloud storage service provided by Amazon Web Services (AWS).

The S3 service automatically encrypts data at rest with 256-bit keys using the Advanced Encryption Standard (AES) algorithm. This means that all data stored in an S3 bucket is automatically encrypted, adding an extra layer of protection to the data. Additionally, users can encrypt data using their own encryption keys (SSE-C) or bring their own encryption keys (SSE-KMS, SSE-S3). This feature assists customers in meeting data privacy and regulatory requirements, as well as securing sensitive data in the cloud.

Since January 5, the S3 platform has encrypted by default all new objects added to buckets, using server-side encryption (SSE-S3) with 256-bit AES for each new object, unless the user specifies a different encryption option. This change is now in effect across all AWS Regions.

Server-side encryption (SSE) of data at rest is supported by Amazon S3, which means that data stored in an S3 bucket is automatically encrypted before it is written to disk and decrypted when it is read. S3 supports the following encryption methods for data at rest.

Amazon S3 manages the encryption and decryption process for the user in SSE-S3. Amazon S3 manages and protects the keys. Amazon S3 uses the AWS Key Management Service (KMS) to manage the encryption and decryption process in SSE-KMS. The user has complete control over the encryption keys and has the ability to audit and manage their use. In SSE-C, the user supplies their own encryption keys, which Amazon S3 uses to encrypt and decrypt data.

The user is in charge of managing and safeguarding the encryption keys. While S3 does support client-side encryption, which allows the user to encrypt data locally before uploading it to an S3 bucket. Overall, S3 encryption adds another layer of security to data stored in the cloud and assists customers in meeting data privacy and regulatory requirements.

The sources for this piece include an article in TheRegister.

Top Stories

Open-source project proposes loop-based architecture for Anthropic’s Claude Mythos

Researchers warn Anthropic protocol flaw could expose up to 200,000 servers to takeover

Anna’s Archive ordered to pay $322M over Spotify scraping case

Apple, Google search tools flagged for surfacing “nudify” deepfake apps

Suspect in Altman attack cited AI fears, urged violence against AI CEOs

How do you select a graph database? – Part 2

Related Articles

Deezer says AI songs now make up 44% of daily uploads

April 21, 2026 Deezer says it is now receiving nearly 75,000 AI-generated song submissions each day, accounting for about 44 more...

Bitcoin faces future quantum threat, Google warns

April 21, 2026 Google has warned that advances in quantum computing could expose Bitcoin to theft during active transactions, urging more...

‘Annoyance economy’ drains $165B a year from U.S. households, report finds

April 20, 2026 Everyday digital and administrative frustrations from cancelling subscriptions to dealing with spam calls are costing American households more...

Anna’s Archive ordered to pay $322M over Spotify scraping case

April 20, 2026 A U.S. court has ordered shadow library Anna’s Archive to pay $322 million in damages after finding more...

Picture of TND Newsdesk

TND Newsdesk

Picture of TND Newsdesk

TND Newsdesk

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.