AWS Security Blog

Category: Compliance

Using AWS in the Context of CESG UK’s Cloud Security Principles

Last year, CESG UK published the Cloud Security Guidance documents for public sector organizations that are considering the use of cloud services for handling information classified as OFFICIAL. The guidance aims to help public sector organizations make informed decisions about cloud services and choose a cloud service that balances business benefits and security risks. In […]

Read More

Security Best Practices: Compliance Beyond the Check Box–Register For and Attend the Webinar

Update: The slides from this webinar are now available. As part of the AWS Webinar Series, AWS will present Security Best Practices: Compliance Beyond the Check Box on Tuesday, April 28. This webinar will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time (UTC-7). Principal Solutions Architect Bill Shinn will help you understand […]

Read More

DoD-Compliant Implementations in the AWS Cloud

Our US federal customers are finding interesting and exciting ways to use the AWS cloud for their IT infrastructure and data management. Our focus on these customers remains a high priority for AWS Compliance, and to further our efforts in providing customer-focused compliance enablers, we have updated our existing Department of Defense (DoD) whitepaper. This […]

Read More

Focus on Customers: Next Gen Compliance Enablers

AWS has radically improved cloud service provider compliance offerings with the ongoing development and releases of next gen customer-focused compliance enablers that directly assist customers in 1) understanding how to apply legacy compliance requirements to an AWS environment, and 2) helping establish a secure, compliant, and auditable AWS IT environment. Traditionally our global customers have […]

Read More

New Security and Compliance Workbook: IT-Grundschutz

AWS Compliance has made available a new security and compliance workbook for AWS customers who are subject to the German Federal Office for Information Security (BSI) IT Baseline protection methodology (IT-Grundschutz). IT-Grundschutz Compliance on Amazon Web Services is a new customer workbook that was developed and published by TÜV TRUST IT GmbH TÜV Austria Group, […]

Read More

AWS Architecture and Security Recommendations for FedRAMP Compliance

Some of the most common compliance-related requests we receive from our customers are for reference architecture, a template for how to build your infrastructure in the cloud. These requests indicate how some people learn new concepts: reference architecture visualizations can help to clarify subject matter. In order to clarify how you can use AWS functionality […]

Read More

ENISA Advances Cloud Adoption in Europe

AWS continually monitors how the work of international standards bodies affects how you run your regulated workloads in the cloud. As such, we were pleased to see a recent security-related announcement from the European Union Agency for Network and Information Security (ENISA). ENISA’s announcement addresses one of the most commonly asked questions by AWS customers […]

Read More

AWS Offers Criminal Justice Information Services (CJIS) Workbook

Amazon Web Services (AWS) recognizes that when law enforcement agencies place information in the cloud, they require timely and secure access to that information. AWS architecture provides a highly scalable and reliable platform that enables AWS customers to deploy applications and data quickly and securely in support of a wide variety of security and regulatory […]

Read More

AWS Frankfurt Region Opens—AWS Highlights European Data Protection

With the AWS Frankfurt Region officially launched, we’d like to share European and data protection–specific information we’ve published to assist AWS customers who want to store content containing personal data. This information can be found in the newly released Whitepaper on EU Data Protection, a key resource available to customers who want to use AWS […]

Read More

AWS GovCloud Earns DoD CSM Level 3-5 Provisional Authorization

I’m very excited to share that AWS has received the first ever U.S. Department of Defense (DoD) level 3-5 Provisional Authorization for the AWS GovCloud (US) region under the Defense Information Systems Agency’s (DISA) Cloud Security Model (CSM). AWS has been authorized for CSM levels 1-2 workloads for all US regions since March of this […]

Read More