AWS News Blog

Updated AWS Security White Paper; New Risk and Compliance White Paper

We have updated the AWS Security White Paper and we’ve created a new Risk and Compliance White Paper.  Both are available now.

The AWS Security White Paper describes our physical and operational security principles and practices.

It includes a description of the shared responsibility model, a summary of our control environment, a review of secure design principles, and detailed information about the security and backup considerations related to each part of AWS including the Virtual Private Cloud, EC2, and the Simple Storage Service.

The new AWS Risk and Compliance White Paper covers a number of important topics including (again) the shared responsibility model, additional information about our control environment and how to evaluate it, and detailed information about our certifications and third-party attestations. A section on key compliance issues addresses a number of topics that we are asked about on a regular basis.

The AWS Security team and the AWS Compliance team are complimentary organizations and are responsible for the security infrastructure, practices, and compliance programs described in these white papers. The AWS Security team is headed by our Chief Information Security Officer and is based outside of Washington, DC. Like most parts of AWS, this team is growing and they have a number of open positions:

  • IT Security Software Development Engineer
  • Software Development Engineer – Amazon Web Services
  • IT Security Software Development Engineer

We also have a number of security-related positions open in Seattle:

  • Software Development Engineer – EC2 Network Security
  • Senior Software Development Engineer – EC2 Network Security
  • Senior Software Development Engineer – EC2
  • Application Security Engineer
  • Software Development Engineer – AWS Identity & Access
  • Software Development Engineer
  • System Engineer
  • Principal Product Manager – AWS Identity and Access Management

— Jeff;

Modified 2/9/2021 – In an effort to ensure a great experience, expired links in this post have been updated or removed from the original post.
Jeff Barr

Jeff Barr

Jeff Barr is Chief Evangelist for AWS. He started this blog in 2004 and has been writing posts just about non-stop ever since.