It happened again. Twice, in fact, just last week: cloud security issues in the mainstream. First we learned that the WWE left their S3 bucket open with private data of 3 million fans, then we learned that Verizon did the same, but for 300 million people.
Of course, CloudCheckr offers copious cloud security tools to prevent breaches like this. To make it even easier for non-CloudCheckr customers, we have created a free tool to check the permissions of your S3 bucket and see if it is public or private.
Remember that Amazon Web Services uses a Shared Responsibility Model when it comes to security. They give you the keys but you need to lock down your data. In fact it is the default configuration to be private, so you would have to explicitly change permissions to public, like deliberately unlocking the door of your house on your way out. Not only is the tool free and publicly accessible—we have made it easier to use. First, you only have to type in the short identifier for the bucket name, and we gave it a more memorable address, S3Checkr.com.
Thanks to CloudCheckr’s self-healing capabilities, you can authorize the app to fix issues on your behalf, manually, or even automatically upon detection. In such cases, you will appreciate getting an email with a summary report of what checks discovered issues, and fixed them. We also added the ability to automatically fix under and over-utilized EC2 instances. This way, you always have enough capacity without spending too much on computing resources you don’t need.
CSPs can now generate Azure invoices based on subscription families, manually, or schedule them in advance. This can be a big time saver, especially if you have a lot of Azure customers. We added a bunch of Best Practice Checks for our Azure offering, all dealing with security. We help protect your SQL Servers and Redis Cache from too broad a range of IP addresses or even known bad addresses which have been blacklisted. In this era of hackers and cybercrime, you really can’t afford to leave your resources exposed.
GOOGLE CLOUD UPDATES
The hard part about moving to the cloud is tracking all of your assets. In the data center, you could literally walk around and examine them. In the cloud, things are more nebulous and the inventory you need to track is virtual. We have made it easier with new Google Cloud inventory reports for Images, Snapshots, SSL Certificates, Organization and Project Policies.
To learn more about these and other new features, check out our Support site.
Sign up for a free, 14-day trial to experience how CloudCheckr can simplify cloud cost and management for your organization.