Safeguards for Account data deletion?
Due to the latest news (https://www.theguardian.com/australia-news/article/2024/may/09/unisuper-google-cloud-issue-account-access), come Monday morning, we are probably going to be bombarded by questions from our higher ups about what safeguards are in place to ensure that this doesn't happen to our AWS accounts. Do we have documentation that describes why this wouldn't happen at AWS?
- Newest
- Most votes
- Most comments
The one safeguard there is is the post-closure period, during which you can reopen your account and all data isn't deleted yet.
https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-closing.html#post-closure-period
This on account level, on a service level there are termination and deletion policies to protect from accidental deletion as well.
I suggest you use System and Organization Controls (SOC) as the reference, especially Control Object 6: Change Management under Section IV.
Actually looking to get more of an answer that addresses what occurred in the article. This was (the Vendor) terminating the client's account by mistake which in turn caused the client's data to be deleted across the service.
Relevant content
- Accepted Answerasked 2 years ago
- asked 5 months ago
AWS OFFICIALUpdated 2 years ago- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
This sounds like a great safeguard if it applies to actions taken by the AWS Team as well.
Account closure is a common process with both internal reasons and external requests. So yes, it applies to actions taken internally.