Category: Compliance

If you will be attending re:Invent 2015 in Las Vegas next month, you know that you’ll have many opportunities to learn more about AWS security at the conference. The following breakout sessions compose this year’s Security and Compliance track. Look for blog posts in the coming three weeks to highlight some of these specific breakout sessions […]

AWS’s industry-leading security strength benefits you in many ways, one of which is by using a platform that is audited extensively by independent third-party assessors. At times, these audits confirm we can meet new requirements, even as they are issued, and this is the case for the National Institute of Standards and Technology (NIST) guidelines 800-171, […]

Positive news for our Australian customers: we recently launched a compliance hub and FAQ page for Australian government customers and their assessors for the Information Security Registered Assessors Program (IRAP) on implementing the Australian Signals Directorate’s (ASD) Information Security Manual (ISM). The new hub and FAQ address many of the questions that Australian government customers […]

September 16 update: The full schedule is now included below. Even though AWS re:Invent 2015 is sold out, you can still get the latest announcements and product information by viewing our Livestream Broadcasts of the keynotes and select technical breakout sessions. Sign up for the Livestream Broadcasts now.

AWS is an attractive environment for regulated data, including Criminal Justice Information (CJI) subject to the Criminal Justice Information Services (CJIS) Security Policy. AWS customers have used the AWS cloud for a wide range of sensitive federal and state government workloads, including CJI data. Law enforcement customers and partners who manage CJI are taking advantage […]

We’re happy to announce the availability (upon request) of the 2015 AWS PCI Compliance Package, an assessment completed against the newly released PCI Data Security Standard (PCI DSS) Version 3.1. The PCI DSS is a globally accepted security standard that customers use to support a wide range of sensitive workloads, including the processing and storage […]

To provide guidance about how to leverage Amazon Web Services (AWS) to develop applications that meet HIPAA and HITECH compliance requirements, we recently updated the Architecting for HIPAA Security and Compliance on Amazon Web Services whitepaper. The advancements and growth of healthcare technology have been an accelerating force behind the continued adoption of cloud computing, […]

The PCI requirements for encryption for data in transit are different for private networks than they are for public networks. When correctly designed, Amazon Virtual Private Cloud (Amazon VPC), a logically isolated portion of the AWS infrastructure that allows you to extend your existing data center network to the cloud, can be considered a private network, […]

February 22, 2022: s2n has been renamed to s2n-tls. See details. At Amazon Web Services, strong encryption is one of our standard features, and an integral aspect of that is the TLS (previously called SSL) encryption protocol. TLS is used with every AWS API and is also available directly to customers of many AWS services […]

PCI compliance in the cloud is an important topic for many of our customers. Our PCI FAQ page has received more than 45,000 views, and we have issued our PCI compliance package directly to customers in all major regions and industry verticals. To build on our growing demand of PCI enablers, today we’re happy to […]