Cyber Security News

Amazon Introduces Redshift Security Features to Prevent Data Leaks

Amazon Web Services (AWS) has announced significant updates to its popular data warehousing service, Amazon Redshift, with the introduction of enhanced security features aimed at minimizing data leaks and unauthorized access.

These new default settings strengthen the security posture of newly created Redshift clusters and align with industry best practices for safeguarding sensitive data.

The updates encompass three major changes: disabling public accessibility, enabling database encryption by default, and enforcing secure connections.

These security enhancements apply to newly provisioned Amazon Redshift clusters, Serverless workgroups, and clusters restored from snapshots, offering customers a more secure and simplified setup process.

Key Updates to Amazon Redshift Security

Disabling Public Accessibility:

Redshift clusters will now be private by default, accessible only within a customer’s Virtual Private Cloud (VPC).

This change limits exposure to the public internet, reducing the risk of unauthorized access. Customers requiring public access must explicitly override the default setting by configuring the PubliclyAccessible parameter during cluster creation.

AWS recommends using security groups or network access control lists (ACLs) to further control access when enabling public accessibility.

Enabling Database Encryption by Default:

All new Redshift clusters will automatically use encryption. Those created without specifying a Key Management Service (KMS) key will default to encryption using an AWS-managed key.

With this change, unencrypted clusters are no longer permitted via the AWS Management Console.

Existing workflows relying on unencrypted clusters, such as certain data-sharing configurations, will require adjustments to ensure compatibility with the new encryption requirement.

Enforcing Secure Connections (SSL):

Secure communication between applications and Redshift clusters is now enforced by default with the introduction of a new parameter group, default.redshift-2.0.

This group automatically sets the require_ssl parameter to true, ensuring that all data exchanged between applications and the database is encrypted to prevent eavesdropping and man-in-the-middle attacks.

While existing custom parameter groups remain unaffected, AWS encourages customers to update their configurations to adopt SSL across all Redshift connections.

These security enhancements are designed to reduce human error and eliminate common misconfigurations, offering customers a more secure out-of-the-box experience.

AWS has advised organizations to review their existing Redshift configurations, scripts, and workflows to align with the new defaults and avoid disruptions.

Amazon Redshift’s new security features underscore AWS’s commitment to protecting customer data while delivering scalable and user-friendly cloud solutions.

For businesses relying on Redshift for data warehousing, these updates mark a crucial step toward better cybersecurity and regulatory compliance.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Cisco IOS, XE, and XR Vulnerability Allows Remote Device Reboots

 Cisco has issued an urgent security advisory (cisco-sa-twamp-kV4FHugn) warning of a critical vulnerability in its…

3 hours ago

OpenCTI: Free Cyber Threat Intelligence Platform for Security Experts

OpenCTI (Open Cyber Threat Intelligence) stands out as a free, open source platform specifically designed…

4 hours ago

LockBit Ransomware Group Breached: Internal Chats and Data Leaked Online

The notorious LockBit ransomware group, once considered one of the world’s most prolific cyber extortion…

6 hours ago

Cisco IOS XE Wireless Controllers Vulnerability Lets Attackers Seize Full Control

A critical security flaw has been discovered in Cisco IOS XE Wireless LAN Controllers (WLCs),…

7 hours ago

Top Ransomware Groups Target Financial Sector, 406 Incidents Revealed

Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector emerged…

21 hours ago

Agenda Ransomware Group Enhances Tactics with SmokeLoader and NETXLOADER

The Agenda ransomware group, also known as Qilin, has been reported to intensify its attacks…

21 hours ago