You can protect data in transit using Secure Socket Layer/Transport Layer Security (SSL/TLS) or client-side encryption.
You should allow only encrypted connections over HTTPS (TLS) using the aws:SecureTransport condition on Amazon S3 bucket policies.
For protecting data at rest in Amazon S3 you can activate Encryption at Bucket or Object level and enforce it using a policy