Amazon has introduced key security enhancements for Redshift, a popular data warehousing solution, to help prevent data exposures caused by misconfigurations and insecure default settings.
Redshift is widely used by enterprises for business intelligence and big data analytics, competing with Google BigQuery, Snowflake, and Azure Synapse Analytics.
It is valued for its efficiency and performance in handling petabyte-scale data, its scalability, and its cost-effectiveness.
However, poor configurations and lax default settings have led to massive data breaches, like the Medibank ransomware incident in October 2022, which reportedly involved access to the firm’s Redshift platform.
Strengthening Redshift security
Last week, AWS announced that it is implementing three security defaults for newly created provisioned clusters to significantly improve the platform’s data security and reduce the likelihood of catastrophic data leaks.
The first measure is to restrict public access for new clusters by default, confining them within the user’s Virtual Private Cloud (VPC) and preventing direct external access.
Public access must be explicitly enabled if needed, with security groups and network access control lists (ACLs) recommended to users for restricted access.
The second change is to enable encryption by default for all clusters to ensure that even unauthorized access will not result in data exposure.
Users will now need to specify an encryption key, or the clusters will be encrypted using an AWS-owned Key Management Service (KMS) key.
Users relying on unencrypted clusters for data sharing must ensure both producer and consumer clusters are encrypted. Failure to adjust these workflows may result in disruptions when the changes go live.
The third change is enforcing secure SSL (TLS) connections by default for all new and restored clusters, preventing data interception and “man-in-the-middle” attacks.
Users with custom parameter groups are encouraged to enable SSL manually for enhanced security.
It is important to note that these changes will affect newly created provisioned clusters, serverless workgroups, and restored clusters, so existing setups will not be immediately affected.
However, AWS recommends that customers review and update their configurations as needed to align with the new security defaults and avoid operational disruptions.
“We recommend that all Amazon Redshift customers review their current configurations for this service and consider implementing the new security measures across their applications,” reads the announcement.
“These security enhancements could impact existing workflows that rely on public access, unencrypted clusters, or non-SSL connections.”
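Because existing clusters keep their old settings, a review has to check each one against the three defaults. The following is an added example, not AWS's or the article's code: it audits records shaped like the Redshift `DescribeClusters` and `DescribeClusterParameters` API responses. The cluster names, parameter group names and finding labels are constructed, and `require_ssl` is the Redshift parameter assumed to control SSL enforcement (the article does not name it).

```python
# Added example: flag existing clusters that do not match the three new defaults.
# Sample data is constructed; in practice it would come from the Redshift
# DescribeClusters and DescribeClusterParameters API calls.

def ssl_required(cluster, params_by_group):
    """True only if every attached parameter group sets require_ssl=true."""
    groups = cluster.get("ClusterParameterGroups", [])
    if not groups:
        return False
    for group in groups:
        params = params_by_group.get(group["ParameterGroupName"], [])
        values = [p.get("ParameterValue", "") for p in params
                  if p.get("ParameterName") == "require_ssl"]
        if not values or str(values[0]).lower() != "true":
            return False
    return True

def audit_cluster(cluster, params_by_group):
    """Return the list of defaults this cluster deviates from."""
    findings = []
    if cluster.get("PubliclyAccessible"):
        findings.append("public-access")       # default 1: no public access
    if not cluster.get("Encrypted"):
        findings.append("unencrypted")         # default 2: encryption at rest
    if not ssl_required(cluster, params_by_group):
        findings.append("ssl-not-required")    # default 3: SSL (TLS) enforced
    return findings

def audit(clusters, params_by_group):
    """Map cluster identifier -> findings, omitting compliant clusters."""
    report = {c["ClusterIdentifier"]: audit_cluster(c, params_by_group)
              for c in clusters}
    return {cid: f for cid, f in report.items() if f}

SAMPLE_CLUSTERS = [  # constructed
    {"ClusterIdentifier": "analytics-legacy", "PubliclyAccessible": True,
     "Encrypted": False, "ClusterParameterGroups": [{"ParameterGroupName": "legacy-pg"}]},
    {"ClusterIdentifier": "reporting", "PubliclyAccessible": False,
     "Encrypted": True, "ClusterParameterGroups": [{"ParameterGroupName": "strict-pg"}]},
    {"ClusterIdentifier": "etl-staging", "PubliclyAccessible": False,
     "Encrypted": True, "ClusterParameterGroups": [{"ParameterGroupName": "legacy-pg"}]},
]
SAMPLE_PARAMS = {  # constructed
    "legacy-pg": [{"ParameterName": "require_ssl", "ParameterValue": "false"}],
    "strict-pg": [{"ParameterName": "require_ssl", "ParameterValue": "true"}],
}

if __name__ == "__main__":
    for cid, findings in audit(SAMPLE_CLUSTERS, SAMPLE_PARAMS).items():
        print(f"{cid}: {', '.join(findings)}")
```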
Customers seeking guidance and support are directed to read the online ‘Management Guide’ or contact AWS Support.