AWS Security Blog

Category: Compliance

AWS Certification Update – ISO 9001 Has 10 New Services in Scope

Today we’re happy to announce we’ve added 10 new services to our ISO 9001 certification: Amazon CloudFront Amazon EC2 Container Service (ECS) Amazon Elastic File System (EFS) Amazon Simple Email Service (SES) Amazon WorkDocs Amazon WorkMail Amazon WorkSpaces AWS Directory Service AWS Key Management Service (KMS) AWS WAF – Web Application Firewall This increases the […]

Read More

AWS Certification Update – ISO 27017

I am happy to announce that AWS has achieved ISO 27017 certification. This new criterion builds upon the ISO 27002 standard, with additional controls specifically applicable to cloud service providers. AWS is the first cloud provider to obtain this certification, which is available now for download on our AWS Cloud Compliance site. Additionally, we’ve posted an FAQ […]

Read More

AWS Announces Successful SOC Assessment with 3 New Services in Scope

Today, I’m happy to announce the completion of another successful Service Organization Controls (SOC) assessment. The AWS SOC program is an intense, period-in-time audit performed every six months. We have been releasing SOC Reports (or their SAS 70 predecessors) regularly since 2009, and we have, over the years, gradually built in more controls and added […]

Read More

Register to Attend an AWS Security Roadshow

Register to attend an AWS Security Roadshow, a free technical event where you can learn how to use AWS services—including those recently launched—to help improve the agility and maturity of your security and compliance programs. AWS Security Roadshow topics will include: AWS Security Overview What’s New Network Security and Access Control Within AWS Protecting Your Data in AWS Putting It […]

Read More

AWS Obtains ISO 27018 Privacy Certification

I am pleased to announce that AWS has successfully completed a new assessment, ISO/IEC 27018:2014, a code of practice regarding the protection of personally identifiable information (PII) in the cloud and our adherence to the commitments we make to our customers with regard to their content. This privacy code of practice is now an integral […]

Read More

Now Available: Videos and Slide Decks from the re:Invent 2015 Security and Compliance Track

Whether you want to review a Security and Compliance track session you attended at re:Invent 2015, or you want to experience a session for the first time, videos and slide decks from the Security and Compliance track are now available. SEC201: AWS Security State of the Union: How Should We All Think About Security? Video Slide […]

Read More

Customer Update—AWS and EU Safe Harbor

Recently, the European Court of Justice determined that the 15-year-old US-EU Safe Harbor framework is no longer valid for the transfer of personal data from the European Economic Area (EEA) to the US. At AWS, we know customers care deeply about privacy and data security; we optimize our work to get these issues right for […]

Read More

Today’s Security and Compliance Sessions at re:Invent 2015

If you are attending re:Invent 2015 in Las Vegas, you can attend any of the following Security & Compliance track sessions taking place today. Didn’t register before the conference sold out? All sessions are being recorded and will be made available on YouTube after the conference. Also, all slide decks from the sessions will be made available […]

Read More

re:Invent 2015: All Security and Compliance Track Breakout Sessions

If you will be attending re:Invent 2015 in Las Vegas next month, you know that you’ll have many opportunities to learn more about AWS security at the conference. The following breakout sessions compose this year’s Security and Compliance track. Look for blog posts in the coming three weeks to highlight some of these specific breakout sessions […]

Read More