Client-Side Encryption with Customer Provided Keys (CSE-C)

Please note that this course has been retired and replaced with a new course, Using Encryption to Protect Your Data on Amazon S3.

 

We have all seen in the media numerous occurrences whereby large international organizations have had their data exposed and leaked that had been stored on S3.  Any sensitive data stored in the cloud MUST be encrypted, and when storing your data on S3 there are multiple different options that you can choose from to enable you to protect your data with encryption.  To help you understand these mechanisms, this course will guide you through the process of how each of them works, not just from an encryption perspective but also at a decryption level.  This will allow you to make the right choice when it comes to selecting the most appropriate method of encryption to align with your own internal security strategy.

Learning Objectives

By the end of this course series you will be able to explain the encryption and decryption process for:

• Server-Side Encryption with S3 Managed Keys (SSE-S3)
• Server-Side Encryption with KMS Managed Keys (SSE-KMS)
• Server-Side Encryption with Customer Provided Keys (SSE-C)
• Client-Side Encryption with KMS Managed Keys (CSE-KMS)
• Client-Side Encryption with Customer Provided Keys (CSE-C)

Intended Audience

This course is intended for those who have the responsibility of storing, managing, and protecting data that is stored on Amazon S3. 

Prerequisites

This is an advanced level course and so it is essential that you have an understanding of S3 and that you have the knowledge to enable you to upload and retrieve data along with how to select different encryption options. In addition to this, you must also be familiar with the KMS service and understand both CMKs and Data encryption keys.