The lack of care being taken to correctly configure cloud environments has once again been highlighted by two serious data leaks in the UK caused by leaking Amazon Simple Storage Service (S3) bucket databases.
As a default setting, Amazon S3 buckets are private and can only be accessed by individuals who have explicitly been granted access to their contents, so their continued exposure points to the concerning fact that consistent messaging around cloud security policy, implementation and configuration is failing to get through to many IT professionals.