Home Amazon S3: Hundreds of Billions Served, Now with Encryption

Amazon S3: Hundreds of Billions Served, Now with Encryption

If you ever wondered whether Amazon S3 would be successful, I think we have the answer. Yesterday, Amazon provided an update on S3 growth, stating that S3 now stores 566 billion objects. To make S3 even more appealing, the company announced today that they’re adding server-side encryption to S3.

Amazon isn’t just hanging on to a lot of data, they’re also serving it at a breakneck pace. According to the post by Jeff Barr, Amazon handles up to 370,000 S3 requests per second.


That’s a lot of data, but Amazon wants to store more. To that end, they’re introducing server side encryption, which Barr says is an often-requested feature that will be “welcomed by our enterprise customers, perhaps as an overall strategy to encrypt sensitive data for regulatory or compliance reasons.”

If developers want to use the server-side encryption, Amazon does it transparently when you copy or store an object in S3. Here’s how it describes the process:

When you PUT an object and request encryption (in an HTTP header supplied as part of the PUT), we generate a unique key, encrypt your data with the key, and then encrypt the key with a master key. For added protection, keys are stored in hosts that are separate and distinct from those used to store your data.

Amazon is using AES-256 encryption, and says that the process for encryption, key management and decryption is audited regularly.

Customers have always been free to encrypt data before storing in S3, of course. Amazon’s server-side encryption seems like a good solution for some use cases, but the standard disclaimers should apply. If Amazon can decrypt the data on your request, it can decrypt the data at the government’s request too. Only use server-side encryption for data that you’re comfortable with Amazon being able to decrypt.

Do you think that server-side encryption is something that will encourage enterprise customers to make (more) use of S3?

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.