AWS Security Blog

Category: Compliance

AWS completes TISAX high assessment

We have completed the European automotive industry’s TISAX high assessment for 43 services. To successfully complete the TISAX high assessment, EY Germany conducted an independent audit, and attested that our information management system meets industry-set standards. This provides automotive industry organizations the assurance needed to build secure applications and services on AWS. TISAX was established by the German Association […]

Read More

AWS Compliance Center for financial services now available

On Tuesday, September 4, AWS announced the launch of an AWS Compliance Center for our Financial Services (FS) customers. This addition to our compliance offerings gives you a central location to research cloud-related regulatory requirements that impact the financial services industry. Prior to the launch of the AWS Compliance Center, customers preparing to adopt AWS […]

Read More

AWS achieves FedRAMP JAB High and Moderate Provisional Authorization across 14 Services in the AWS US East/West and GovCloud Regions

Since I launched our FedRAMP program way back in 2013, it has always excited me to talk about how we’re continually expanding the scope of our compliance programs because that means you’re able to use more of our services for sensitive and regulated workloads. Up to this point, we’ve had 22 services in our US […]

Read More

New guide helps financial services customers in Brazil navigate cloud requirements

We have a new resource to help our financial services customers in Brazil navigate regulatory requirements for using the cloud. The AWS User Guide to Financial Services Regulations in Brazil is a deep dive into the Brazilian National Monetary Council’s Resolution No. 4,658. The cybersecurity cloud resolution is the first of its kind by regulators […]

Read More

U.K. National Health Services IGToolkit Assessment report now available

We know that customers often seek out third-party tools to allow for the baselining and benchmarking of their environment. Additionally, healthcare and life sciences customers (HCLS) have specific needs, which is why we continually strive to meet relevant global standards validating our security and compliance. Today, we’d like to take a look at a new […]

Read More

Accept a BAA with AWS for all accounts in your organization

I’m excited to announce to our healthcare customers and partners that you can now accept a single AWS Business Associate Addendum (BAA) for all accounts within your organization. Once accepted, all current and future accounts created or added to your organization will immediately be covered by the BAA. Our team is always thinking about how […]

Read More

New PCI DSS report now available, eight services added in scope

We continue to expand the scope of our assurance programs to support your most important workloads. I’m pleased to tell you that eight services have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS) certification. With these additions, you can now select from a total of 62 PCI-compliant services. […]

Read More

Podcast: We developed Amazon GuardDuty to meet scaling demands, now it could assist with compliance considerations such as GDPR

It isn’t simple to meet the scaling requirements of AWS when creating a threat detection monitoring service. Our service teams have to maintain the ability to deliver at a rapid pace. That led to the question what can be done to make a security service as frictionless as possible to business demands? Core parts of […]

Read More

New guide helps explain cloud security with AWS for public sector customers in India

Our teams are continuing to focus on compliance enablement around the world and now that includes a new guide for public sector customers in India. The User Guide for Government Departments and Agencies in India provides information that helps government users at various central, state, district, and municipal agencies understand security and controls available with […]

Read More

Podcast: How AWS KMS could help customers meet encryption and deletion requirements, including GDPR

Encryption is a powerful tool to protect your data but it can be difficult to get right because it demands understanding how encryption keys are created, distributed, used, and managed. To make encryption easier to use, we created AWS Key Management Service (KMS) to let you scale your use of the cloud without struggling to […]

Read More