Category: Compliance

To provide guidance about how to leverage Amazon Web Services (AWS) to develop applications that meet HIPAA and HITECH compliance requirements, we recently updated the Architecting for HIPAA Security and Compliance on Amazon Web Services whitepaper. The advancements and growth of healthcare technology have been an accelerating force behind the continued adoption of cloud computing, […]

The PCI requirements for encryption for data in transit are different for private networks than they are for public networks. When correctly designed, Amazon Virtual Private Cloud (Amazon VPC), a logically isolated portion of the AWS infrastructure that allows you to extend your existing data center network to the cloud, can be considered a private network, […]

February 22, 2022: s2n has been renamed to s2n-tls. See details. At Amazon Web Services, strong encryption is one of our standard features, and an integral aspect of that is the TLS (previously called SSL) encryption protocol. TLS is used with every AWS API and is also available directly to customers of many AWS services […]

PCI compliance in the cloud is an important topic for many of our customers. Our PCI FAQ page has received more than 45,000 views, and we have issued our PCI compliance package directly to customers in all major regions and industry verticals. To build on our growing demand of PCI enablers, today we’re happy to […]

July 24, 2020: The whitepaper Auditing Security Checklist in the list of additional resources has been replaced by a Cloud Audit Academy course.   The security of personally identifiable information (PII) continues to be an important topic among all sectors, and education is no exception. Covered entities subject to FERPA are turning to cloud computing […]

We are now in our sixth year of regularly publishing comprehensive independent audit reports attesting to our alignment with globally accepted security best practices. We have just completed our thorough and extensive semiannual audit and are happy to announce that Amazon Simple Queue Service (SQS) and our newest region in Europe (Frankfurt) are now in-scope […]

We focus on enabling our customers to scale their security and compliance capabilities on AWS, and we enhance our customers’ ability to meet a wide variety of security and regulatory requirements. With a continued focus on our customers’ regulatory needs in the financial services sector, we created another customer facing workbook, which aligns the new […]

Today, Amazon Redshift and Amazon RDS for MySQL, PostgreSQL, Oracle, and SQL Server DB released support for encryption using AWS Key Management Service (KMS) in the AWS GovCloud (US) region. Using keys under your control, you can now encrypt RDS instances, including MySQL, PostgreSQL, Oracle, and SQL Server DB instance types, and Amazon Redshift clusters in AWS GovCloud […]

Last year, CESG UK published the Cloud Security Guidance documents for public sector organizations that are considering the use of cloud services for handling information classified as OFFICIAL. The guidance aims to help public sector organizations make informed decisions about cloud services and choose a cloud service that balances business benefits and security risks. In […]

Update: The slides from this webinar are now available. As part of the AWS Webinar Series, AWS will present Security Best Practices: Compliance Beyond the Check Box on Tuesday, April 28. This webinar will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time (UTC-7). Principal Solutions Architect Bill Shinn will help you understand […]