mestabrookuno / 8950-aws-scanner

MIT License

Research Baseline Security for S3 Buckets #25

Closed MarkMagno closed 7 months ago

Graceevah commented 9 months ago

Hello @MarkMagno @mestabrookuno, I started to think about what we discussed last Monday during our meeting about developing this baseline. We talked about categorizing the baseline based on different levels of security: high, medium or low. To start, we need to determine the common security controls that apply to all S3 buckets first, and I tried to compile a list of what I found based on the literature found previously (Security best practices for Amazon S3). Let me know what you think.

  1. Implement Access Controls that permit users and applications to have only the minimum amount of privileges they need to do their job. The IAM policies specify granular privileges and enforce bucket and object access controls.

  2. Restrict Public Access: make sure that S3 buckets are not publicly accessible by default to prevent unauthorized users from accessing sensitive data, with the use of bucket policies and access control lists (ACLs) that restrict access to only authorized users and applications.

  3. Enable Encryption to encrypt data at rest and in transit to protect it from unauthorized access. AWS offers options for server-side encryption using AWS Key Management Service (KMS) or Amazon S3-managed keys, as well as client-side encryption for added security.

  4. Enable S3 server logging to log all bucket-level requests and object-level logging to monitor access to single objects. Then set up Amazon CloudWatch alerts to keep an eye out for suspicious activity and unauthorized access attempts.

  5. Enable S3 bucket versioning to keep track of all versions of objects and prevent data from being accidentally deleted or changed. This enables restoration of past versions of objects if data is corrupted or changed maliciously.
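As an added illustration of how controls 2 through 5 above could be checked by a scanner (example code, not part of the 8950-aws-scanner repository): the function below evaluates one bucket's configuration, passed as a dict whose keys follow the shape of the boto3 `GetPublicAccessBlock`, `GetBucketEncryption`, `GetBucketLogging` and `GetBucketVersioning` responses merged together. The sample buckets are constructed inline, so nothing is fetched from AWS; control 1 (least-privilege IAM policies) needs a policy review and is not covered here.

```python
# Added example, not the project's code. `cfg` is a hypothetical merged dict of
# the per-bucket boto3 responses; the "Versioning" key is our own wrapper around
# the GetBucketVersioning result. Sample data below is constructed.

def assess_bucket(cfg: dict) -> list[str]:
    """Return the baseline controls (2-5) that this bucket fails."""
    findings = []

    # Control 2: all four S3 Block Public Access settings must be true.
    pab = cfg.get("PublicAccessBlockConfiguration", {})
    required = ("BlockPublicAcls", "IgnorePublicAcls",
                "BlockPublicPolicy", "RestrictPublicBuckets")
    if not all(pab.get(k) is True for k in required):
        findings.append("public-access-block-incomplete")

    # Control 3: a default encryption rule using SSE-S3 or SSE-KMS must exist.
    rules = cfg.get("ServerSideEncryptionConfiguration", {}).get("Rules", [])
    algorithms = {r.get("ApplyServerSideEncryptionByDefault", {})
                   .get("SSEAlgorithm") for r in rules}
    if not algorithms & {"AES256", "aws:kms"}:
        findings.append("default-encryption-missing")

    # Control 4: server access logging must deliver to a target bucket.
    if not cfg.get("LoggingEnabled", {}).get("TargetBucket"):
        findings.append("access-logging-disabled")

    # Control 5: versioning must be "Enabled" (unset or "Suspended" fails).
    if cfg.get("Versioning", {}).get("Status") != "Enabled":
        findings.append("versioning-not-enabled")

    return findings


# Constructed sample configurations for a compliant and a weak bucket.
COMPLIANT_BUCKET = {
    "PublicAccessBlockConfiguration": {
        "BlockPublicAcls": True, "IgnorePublicAcls": True,
        "BlockPublicPolicy": True, "RestrictPublicBuckets": True},
    "ServerSideEncryptionConfiguration": {"Rules": [
        {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms"}}]},
    "LoggingEnabled": {"TargetBucket": "example-log-bucket", "TargetPrefix": "s3/"},
    "Versioning": {"Status": "Enabled"},
}
WEAK_BUCKET = {
    "PublicAccessBlockConfiguration": {"BlockPublicAcls": True},
    "ServerSideEncryptionConfiguration": {"Rules": []},
    "Versioning": {"Status": "Suspended"},
}

if __name__ == "__main__":
    for name, cfg in (("compliant", COMPLIANT_BUCKET), ("weak", WEAK_BUCKET)):
        print(name, assess_bucket(cfg) or "baseline met")
```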