AWS Security Blog
AWS renews MTCS Level 3 certification under the SS584:2020 standard
Amazon Web Services (AWS) is pleased to announce the renewal of the Multi-Tier Cloud Security (MTCS) Level 3 certification under the SS584:2020 standard in December 2024 for the Asia Pacific (Singapore), Asia Pacific (Seoul), and United States AWS Regions, excluding AWS GovCloud (US) Regions. This achievement reaffirms our commitment to maintaining the highest security standards for our global customers, particularly those in Singapore and the Asia-Pacific.
AWS was the first cloud service provider (CSP) to attain MTCS Level 3 certification for Singapore in 2014. We continued this leadership by being among the first CSPs certified under the updated SS584:2020 Level 3 standard in 2021. Our dedication to expanding our security coverage is evident in the significant increase of in-scope services from 145 to 184, representing a 27% growth since 2021.
The MTCS standard is recognized as the world’s first cloud security standard to specify a multi-tiered management system for cloud security. This standard can be applied by CSPs to support differing cloud user needs for data sensitivity and business criticality, and the use of MTCS is mandated by the Singapore government as a requirement for public sector agencies and regulated organizations.
As part of our commitment to transparency, AWS fulfills the self-disclosure requirement for CSPs, providing detailed service-oriented information typically found in service level agreements. This allows our customers to make informed decisions about their cloud security needs.
The MTCS framework establishes three levels of security, with Level 3 being the most stringent:
- Level 1: Designed for non-business-critical data and systems with baseline security controls.
- Level 2: Addresses the needs of organizations that run business-critical data and systems in public or third-party cloud systems.
- Level 3: Tailored for regulated organizations with specific and more stringent security requirements, including industry-specific regulations.
Benefits of the MTCS Level 3 certification
By achieving MTCS Level 3 certification, AWS helps Singapore customers in regulated industries to securely host applications and systems with highly sensitive information. This includes confidential business data, financial records, and medical records in a Level-3-compliant MTCS environment.
As cloud technology continues to evolve, AWS remains dedicated to maintaining and exceeding the highest security standards. Our renewed MTCS Level 3 certification under the SS584:2020 standard is a testament to this commitment, enabling our customers in Singapore and around the world to use AWS services with confidence for their most sensitive and critical workloads.
You can now download the latest MTCS certificates and the MTCS Self-Disclosure Form in AWS Artifact. Sign in to AWS Artifact in the AWS Management Console, or learn more at Getting Started with AWS Artifact. For a full list of AWS services that are certified under MTCS, see the AWS Multi-Tier Cloud Security (MTCS) page
To learn more about our compliance and security programs, see AWS Compliance Programs. As always, we value your feedback and questions; reach out to the AWS Compliance team through the Contact Us page.
If you have feedback about this post, submit comments in the Comments section below.