Category: Security, Identity, & Compliance

We have received a lot of great feedback on the partner webinars that we held in April. In conjunction with our partners, we will be holding two more webinars this month. The webinars are free, but space is limited and preregistration is advisable. In May we are turning our focus to the all-important topic of […]

Compliance with FedRAMP is a complex process with a high bar for a providers security practices. Because few providers have secured an Authority To Operate (ATO) under FedRAMP, and FedRAMP in general is very new, the topic often leaves many confused. So, we wanted to build upon our press release, security blog post, and AWS blog post […]

AWS has achieved FedRAMP compliance now federal agencies can save significant time, costs and resources in their evaluation of AWS! After demonstrating adherence to hundreds of controls by providing thousands of artifacts as part of a security assessment, AWS has been certified by a FedRAMP-accredited third-party assessor (3PAO) and has achieved agency ATOs (Authority to […]

The AWS team works non-stop to improve the security of our services. As you can see from the timeline below, many of our recent releases have made it easier for you to secure your cloud resources. The new AWS Security Blog is your one-stop shop for best practices, how-to guides, customer stories, and more. Like […]

Back in the early days of AWS, I would often receive questions that boiled down to “This sounds really interesting, but what about security?” We created the AWS Security & Compliance Center to publish information about the various reports, certifications, and independent attestations that we’ve earned and to provide you with additional information about the […]

As you can tell by looking at the AWS Security and Compliance Center, we take security seriously. You can find information about our certifications and accreditations in the center, along with links to four security white papers. I would also like to recommend a new AWS video to you. In the video, AWS VP and […]

We have updated the AWS Security White Paper and we’ve created a new Risk and Compliance White Paper.  Both are available now. The AWS Security White Paper describes our physical and operational security principles and practices. It includes a description of the shared responsibility model, a summary of our control environment, a review of secure […]

If your application needs to process, store, or transmit credit card data, you are probably familiar with the Payment Card Industry Data Security Standard, otherwise known as PCI DSS. This standard specifies best practices and security controls needed to keep credit card data safe and secure during transit, processing, and storage. Among other things, it […]