Sometimes, data storage has other purposes that go beyond the specific needs of your business. A great example of this is data that is governed by laws and regulations. Typically, highly sensitive data or personally identifiable data. In such cases, you will need to store your data in a storage that meets or exceeds this legal requirements. Data retention. This is the most common of regulatory requirements. In the event of a legal dispute, a claim, or security threat, data such as activity logs, for example, need to be kept for predetermined periods of time. Services such as AWS Glacier or AWS Backup offer tamper-proof long term storage solutions that follow the WORM model. That is 'Write Once, Read Many', meaning that once the data goes in, you can legally prove that it cannot be modified nor retrieved if this feature is desired for the desired period at the time. This is a great peace of mind against backup disasters and ransomware attacks. Data governance. There's some information that is simply too sensitive to be handled by just anyone. This includes medical records, government information, trade secrets, credit card numbers and more. In these cases, data needs to be protected both physically by limiting physical access to the building and performing frequent background checks on employees, and digitally by ensuring encryption in-transit and at-rest and safeguarding encryption keys.

S3 is compliant with most regulatory requirements, HIPPA, FedRAMP, PCI, and more. And if you store your data in S3, you can rest assured that at least the address component of your software solution meets or exceeds security requirements. Of course, encryption and digital access to this data still falls under your responsibility. Audited access. Another great feature of using S3 for storage is that you can turn on CloudTrail event logging. This means that you can have a tamper-proof activity log of who and when access each and every file in your storage. Again, great peace of mind, since this activity data can also be sent through machine learning for a nominal detection and find data leaks before they become an even bigger problem. Sanitizing data. If you haven't noticed already, I'm a big fan of S3 storage. This feature is one of my favorites. S3 Object Lambda is a Lambda function that you can associate with your S3 bucket and it can help you transform data before delivering to your users. This gives you the opportunity to wipe out any and all personally identifiable information, that's PII, before your consumers gain access to the data. This is just another layer of peace of mind and security.