AWS Snowball User Guide
Other Security Considerations for Snowball
• The encryption key is not changed by what AWS credentials you use – Because signing with the
Signature Version 4 algorithm is only used to verify the data traveling from its source to the adapter, it
never factors into the encryption keys used to encrypt your data on the Snowball.
• You can use any AWS profile – The Amazon S3 Adapter for Snowball never connects back to AWS to
verify your AWS credentials, so you can use any AWS profile with the adapter to sign the data traveling
between the workstation and the adapter.
• The Snowball doesn't contain any AWS credentials – You manage access control and authorization
to a Snowball on-premises. No software on the Snowball or adapter differentiates access between one
user and another. When someone has access to a Snowball, the manifest, and the unlock code, that
person has complete and total access to the appliance and all data on it. We recommend that you plan
physical and network access for the Snowball accordingly.
Other Security Considerations for Snowball
Following are some security points that we recommend you consider when using Snowball, and also
some high-level information on other security precautions that we take when a Snowball arrives at AWS
for processing.
We recommend the following security approaches:
• When the Snowball first arrives, inspect it for damage or obvious tampering. If you notice anything
that looks suspicious about the Snowball, don't connect it to your internal network. Instead, contact
AWS Support, and a new Snowball will be shipped to you.
• You should make an effort to protect your job credentials from disclosure. Any individual who has
access to a job's manifest and unlock code can access the contents of the Snowball appliance sent for
that job.
• Don't leave the Snowball sitting on a loading dock. Left on a loading dock, it can be exposed to the
elements. Although the Snowball is rugged, weather can damage the sturdiest of hardware. Report
stolen, missing, or broken Snowballs as soon as possible. The sooner such a Snowball issue is reported,
the sooner another one can be sent to complete your job.
Note
The Snowball is the property of AWS. Tampering with a Snowball is a violation of the AWS
Acceptable Use Policy. For more information, see http://aws.amazon.com/aup/.
We perform the following security steps:
• All objects transferred to the Snowball have their metadata changed. The only metadata that remains
the same is filename and filesize. All other metadata is set as in the following example: -rw-rw-
r-- 1 root root [filesize] Dec 31 1969 [path/filename]
• When a Snowball arrives at AWS, we inspect every appliance for any signs of tampering and to verify
that no changes were detected by the Trusted Platform Module (TPM). AWS Snowball uses multiple
layers of security designed to protect your data, including tamper-resistant enclosures, 256-bit
encryption, and an industry-standard TPM designed to provide both security and full chain of custody
for your data.
• Once the data transfer job has been processed and verified, AWS performs a software erasure of the
Snowball appliance that follows the National Institute of Standards and Technology (NIST) guidelines
for media sanitization.
86
To Next Page
Loading...