AWS Security Blog

Category: Compliance*

Addressing Data Residency with AWS

AWS has released a new whitepaper that has been requested by many AWS customers: AWS Policy Perspectives: Data Residency. Data residency is the requirement that all customer content processed and stored in an IT system must remain within a specific country’s borders, and it is one of the foremost concerns of governments that want to […]

Read More

AWS Adds 16 More Services to Its PCI DSS Compliance Program

AWS has added 16 more AWS services to its Payment Card Industry Data Security Standard (PCI DSS) compliance program, giving you more options, flexibility, and functionality to process and store sensitive payment card data in the AWS Cloud. The services were audited by Coalfire to ensure that they meet strict PCI DSS standards. The newly compliant AWS services are: Amazon […]

Read More

Amazon Web Services Is the First Global Cloud Service Provider to Achieve the Korea-Information Security Management System Certification

Scope of certification: Operation of infrastructure in the AWS Asia Pacific (Seoul) Region Period of validity: December 27, 2017, through December 26, 2020 Amazon Web Services (AWS) has achieved the Korea-Information Security Management System (K-ISMS) Certification. The Korea Internet and Security Agency (KISA) completed its assessment of AWS, which covered the operation of infrastructure (such […]

Read More

EU Compliance Update: AWS’s 2017 C5 Assessment

AWS has completed its 2017 assessment against the Cloud Computing Compliance Controls Catalog (C5) information security and compliance program. Bundesamt für Sicherheit in der Informationstechnik (BSI)—Germany’s national cybersecurity authority—established C5 to define a reference standard for German cloud security requirements. With C5 (as well as with IT-Grundschutz), customers in German member states can use the […]

Read More

A New Guide to Banking Regulations and Guidelines in India

The AWS User Guide to Banking Regulations and Guidelines in India was published in December 2017 and includes information that can help banks regulated by the Reserve Bank of India (RBI) assess how to implement an appropriate information security, risk management, and governance program in the AWS Cloud. The guide focuses on the following key […]

Read More

Two New Documents to Help You Navigate Australian Prudential Regulation Authority (APRA) Requirements

AWS has published two new documents to help Financial Services customers understand how to operate in the cloud within the requirements of the Australian Prudential Regulation Authority (APRA). These documents continue AWS’s efforts to help customers navigate Australian regulatory requirements in a shared responsibility environment. The two new APRA-related documents are: AWS User Guide to […]

Read More

The Most Viewed AWS Security Blog Posts in 2017

The following 10 posts were the most viewed AWS Security Blog posts that we published during 2017. You can use this list as a guide to catch up on your AWS Security Blog reading or read a post again that you found particularly useful. Coming Soon: Improvements to How You Sign In to Your AWS […]

Read More

AWS Updated Its ISO Certifications and Now Has 67 Services Under ISO Compliance

AWS has updated its certifications against ISO 9001, ISO 27001, ISO 27017, and ISO 27018 standards, bringing the total to 67 services now under ISO compliance. We added the following 29 services this cycle: • Amazon Aurora • Amazon S3 Transfer Acceleration • AWS Lambda@Edge • Amazon Cloud Directory • Amazon SageMaker • AWS Managed […]

Read More

A New AWS Government, Education, and Nonprofits Blog Post: “AWS Achieves Full Empanelment for the Delivery of Cloud Services by India’s Ministry of Electronics and Information Technology”

AWS recently announced that Amazon Internet Services Private Limited (AISPL), an Indian subsidiary of the Amazon Group that undertakes the resale and marketing of AWS Cloud services in India, has achieved full Cloud Service Provider (CSP) empanelment and successfully completed the Standardization Testing and Quality Certification (STQC) audit from the Indian Ministry of Electronics and […]

Read More

Introducing the New GDPR Center and “Navigating GDPR Compliance on AWS” Whitepaper

At AWS re:Invent 2017, the AWS Compliance team participated in excellent engagements with AWS customers about the General Data Protection Regulation (GDPR), including discussions that generated helpful input. Today, I am announcing resulting enhancements to our recently launched GDPR Center and the release of a new whitepaper, Navigating GDPR Compliance on AWS. The resources available […]

Read More