AWS Security Blog

Category: Compliance

AWS EU (London) Region Selected to Provide Services to Support UK Law Enforcement Customers

The AWS EU (London) Region has been selected to provide services to support UK law enforcement customers. This decision followed an assessment by Home Office Digital, Data and Technology supported by their colleagues in the National Policing Information Risk Management Team (NPIRMT) to determine the region’s suitability for addressing their specific needs. The security, privacy, […]

Read More

AWS Earns Department of Defense Impact Level 5 Provisional Authorization

The Defense Information Systems Agency (DISA) has granted the AWS GovCloud (US) Region an Impact Level 5 (IL5) Department of Defense (DoD) Cloud Computing Security Requirements Guide (CC SRG) Provisional Authorization (PA) for six core services. This means that AWS’s DoD customers and partners can now deploy workloads for Controlled Unclassified Information (CUI) exceeding IL4 […]

Read More

Now Available: The First Guide in the AWS Government Handbook Series

AWS recently released the first guide in the new AWS Government Handbook Series: Secure Network Connections: An evaluation of the US Trusted Internet Connections program. This new series examines key cybersecurity policy initiatives that have been operating in the traditional IT space, unpacks their security objectives, and identifies lessons learned and best practices of global […]

Read More

The First AWS Regional Financial Services Guide Focuses on Singapore

To help Financial Services clients address Singapore’s regulations on financial institutions in a shared responsibility environment, AWS has published the AWS User Guide to Financial Services Regulations and Guidelines in Singapore. This first-ever AWS Financial Services guide is the culmination of the work AWS has done in the last year to help customers navigate the Monetary […]

Read More

Announcing the New AWS Customer Compliance Center

AWS has the longest running, most effective, and most customer-obsessed compliance program in the cloud market. We have always centered our program around customers, obtaining the certifications needed to provide our customers with the proper level of validated transparency in order to enable them to certify their own AWS workloads [download .pdf of AWS certifications]. […]

Read More

AWS Adds 12 More Services to Its PCI DSS Compliance Program

Twelve more AWS services have obtained Payment Card Industry Data Security Standard (PCI DSS) compliance, giving you more options, flexibility, and functionality to process and store sensitive payment card data in the AWS Cloud. The services were audited by Coalfire to ensure that they meet strict PCI DSS standards. The newly compliant AWS services are: […]

Read More

Perform More Productive Audits of Your AWS Resources by Using the New AWS Auditor Learning Path

AWS customers in highly regulated industries such as financial services and healthcare tend to undergo frequent security audits. To help make these audits more productive, AWS has released the AWS Auditor Learning Path. This set of online and in-person classes provides foundational and advanced education about implementing security in the AWS Cloud and using AWS […]

Read More

AWS HIPAA Program Update – Dedicated Instances and Hosts Are No Longer Required

Over the years, we have seen tremendous growth in the use of the AWS Cloud for healthcare applications. Our customers and AWS Partner Network (APN) Partners who offer solutions that store, process, and transmit Protected Health Information (PHI) sign a Business Associate Addendum (BAA) with AWS. As part of the AWS HIPAA compliance program, customers and […]

Read More

Updated AWS SOC Reports Include Three New Regions and Three Additional Services

  The updated AWS Service Organization Control (SOC) 1 and SOC 2 Security, Availability, and Confidentiality Reports covering the period of October 1, 2016, through March 31, 2017, are now available. Because we are always looking for ways to improve the customer experience, the current AWS SOC 2 Confidentiality Report has been combined with the […]

Read More