AWS Security Blog

Category: Compliance*

Staying Ahead of the Curve–Customer Enabler AWS OCIE Cybersecurity Initiative Workbook

We focus on enabling our customers to scale their security and compliance capabilities on AWS, and we enhance our customers’ ability to meet a wide variety of security and regulatory requirements. With a continued focus on our customers’ regulatory needs in the financial services sector, we created another customer facing workbook, which aligns the new […]

Read More

Amazon Redshift and Amazon RDS Now Support Encryption via AWS Key Management Service in the AWS GovCloud (US) Region

Today, Amazon Redshift and Amazon RDS for MySQL, PostgreSQL, Oracle, and SQL Server DB released support for encryption using AWS Key Management Service (KMS) in the AWS GovCloud (US) region. Using keys under your control, you can now encrypt RDS instances, including MySQL, PostgreSQL, Oracle, and SQL Server DB instance types, and Amazon Redshift clusters in AWS GovCloud […]

Read More

Using AWS in the Context of CESG UK’s Cloud Security Principles

Last year, CESG UK published the Cloud Security Guidance documents for public sector organizations that are considering the use of cloud services for handling information classified as OFFICIAL. The guidance aims to help public sector organizations make informed decisions about cloud services and choose a cloud service that balances business benefits and security risks. In […]

Read More

Security Best Practices: Compliance Beyond the Check Box–Register For and Attend the Webinar

Update: The slides from this webinar are now available. As part of the AWS Webinar Series, AWS will present Security Best Practices: Compliance Beyond the Check Box on Tuesday, April 28. This webinar will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time (UTC-7). Principal Solutions Architect Bill Shinn will help you understand […]

Read More

DoD-Compliant Implementations in the AWS Cloud

Our US federal customers are finding interesting and exciting ways to use the AWS cloud for their IT infrastructure and data management. Our focus on these customers remains a high priority for AWS Compliance, and to further our efforts in providing customer-focused compliance enablers, we have updated our existing Department of Defense (DoD) whitepaper. This […]

Read More

Focus on Customers: Next Gen Compliance Enablers

AWS has radically improved cloud service provider compliance offerings with the ongoing development and releases of next gen customer-focused compliance enablers that directly assist customers in 1) understanding how to apply legacy compliance requirements to an AWS environment, and 2) helping establish a secure, compliant, and auditable AWS IT environment. Traditionally our global customers have […]

Read More

New Security and Compliance Workbook: IT-Grundschutz

AWS Compliance has made available a new security and compliance workbook for AWS customers who are subject to the German Federal Office for Information Security (BSI) IT Baseline protection methodology (IT-Grundschutz). IT-Grundschutz Compliance on Amazon Web Services is a new customer workbook that was developed and published by TÜV TRUST IT GmbH TÜV Austria Group, […]

Read More

AWS Architecture and Security Recommendations for FedRAMP Compliance

Some of the most common compliance-related requests we receive from our customers are for reference architecture, a template for how to build your infrastructure in the cloud. These requests indicate how some people learn new concepts: reference architecture visualizations can help to clarify subject matter. In order to clarify how you can use AWS functionality […]

Read More

ENISA Advances Cloud Adoption in Europe

AWS continually monitors how the work of international standards bodies affects how you run your regulated workloads in the cloud. As such, we were pleased to see a recent security-related announcement from the European Union Agency for Network and Information Security (ENISA). ENISA’s announcement addresses one of the most commonly asked questions by AWS customers […]

Read More

AWS Offers Criminal Justice Information Services (CJIS) Workbook

Amazon Web Services (AWS) recognizes that when law enforcement agencies place information in the cloud, they require timely and secure access to that information. AWS architecture provides a highly scalable and reliable platform that enables AWS customers to deploy applications and data quickly and securely in support of a wide variety of security and regulatory […]

Read More