Category: Compliance

Cryptography is everywhere in our daily lives. If you’re reading this blog, you’re using HTTPS, an extension of HTTP that uses encryption to secure communications. On AWS, multiple services and capabilities help you manage keys and encryption, such as: AWS Key Management Service (AWS KMS), which you can use to create and protect keys to […]

February 26, 2024 – Post updated to link to a sample CloudFormation hook in the AWS CloudFormation GitHub Repository. January 12, 2023 – Post updated with the current regional availability. When operating a business, you have to find the right balance between speed and control for your cloud operations. On one side, you want to […]

Today, customers in regulated industries face the challenge of defining and enforcing controls needed to meet compliance and security requirements while empowering engineers to make their design choices. In addition to addressing risk, reliability, performance, and resiliency requirements, organizations may also need to comply with frameworks and standards such as PCI DSS and NIST 800-53. […]

With Amazon Redshift, you can analyze data in the cloud at any scale. Amazon Redshift offers native data protection capabilities to protect your data using automatic and manual snapshots. This works great by itself, but when you’re using other AWS services, you have to configure more than one tool to manage your data protection policies. […]

April 11, 2023 – At AWS re:Invent, AWS Control Tower introduced Comprehensive Controls Management to help you apply managed controls based on service, control objective, or compliance framework. Data residency controls can now be found in the Controls library. For detailed instructions, you can follow the Controls that enhance data residency protection section of the […]

As we anticipated in this post, the anomaly and threat detection for Amazon Simple Storage Service (Amazon S3) activities that was previously available in Amazon Macie has now been enhanced and reduced in cost by over 80% as part of Amazon GuardDuty. This expands GuardDuty threat detection coverage beyond workloads and AWS accounts to also help you protect […]

Amazon Macie is a fully managed service that helps you discover and protect your sensitive data, using machine learning to automatically spot and classify data for you. Over time, Macie customers told us what they like, and what they didn’t. The service team has worked hard to address this feedback, and today I am very happy […]