Files uploaded on S3 are not encrypted. To make them secure, we either need to encrypt the file at client's end then upload or configure S3 settings to encrypt the files after upload. i.e Server Side Encryption.
Amazon S3 Server Side Encryption (SSE) employs AES-256, an encryption standard that provides a considerably high level of protection.
To allow SSE for S3, just include following code in headers while uploading file:
'x-amz-server-side-encryption' => 'AES256'
To check, login to S3 and check properties of the file uploaded. The "Server Side Encryption" option under Details tab should show AES-256 radio selected.
Attached is the screenshot of the same.