AWS s3 Encryption and Data Protection – Baffle

By Ameesh Divatia, CEO and co-founder | August 2, 2022

Having just returned from AWS’s security event, re:Inforce, in Boston, after a three-year hiatus, I was inspired and encouraged by what I learned. Looking around the busy show floor, my first thought was, “We’re back!” Conferences energize me and give me a way to get first-hand perspectives about market trends and where companies are focusing their time and budgets.

One main takeaway I got from the show is that data security is rapidly emerging. Kurt Kufeld, VP of AWS Platforms, said in his keynote, “Encryption is the core component of a good data protection strategy,” along with a call to action to “Encrypt Everything”!  Focusing on tools that discover which data is subject to compliance is one thing, but companies must mitigate risk and protect the data. Data is really where the threats will persist so companies need to build security into the data pipeline itself as new data gets created, transported and processed.

Why data security? Why now? Compliance. If the data shows up in the wrong place, a company can get into a lot of trouble with compliance. In a survey we conducted with Enterprise Management Associates, we gleaned some interesting results. Not only did 93% of respondents say that they have lots of compliance related effects on their budgets, but 75% of companies believe that it makes them better. They consider their security posture as a competitive differentiator. Compliance is more than a nice-to-have proposition, it’s a critical business strategy.

In my conversation with SiliconANGLE’s John Furrier we talked about the volume of data growing exponentially. Companies need to address this growth by replacing traditional legacy tokenization with a more modern and efficient solution that protects data through the pipeline. Baffle does that as an inline reverse proxy layer that is invisible to the data storer, which encrypts and decrypts data on the fly. A proxy is the most efficient way of encrypting data, and it eliminates the need for app development resources. The cloud is uniquely suited for this kind of solution with providers offering scalable processing and containerization, built in redundancy, and reliable load balancing. 

With cyber attacks increasing, and the costs of data breaches and non compliance rising, enterprises are adopting more security controls. However, hackers are always one step ahead. They have found more sophisticated methods, such as infiltrating the supply chain for software and embedding zero day vulnerabilities that can be exploited. Reactive measures, such as observation and detection, cannot keep up. So, the protection model must transform to ensure that the controls are fail-safe and proactively protect sensitive data.

You can view Ameesh’s conversation on theCUBE here.
Learn more about Baffle’s ‘no-code’ proxy architecture for data security