AWS Security Blog

Category: Compliance

Addressing Data Residency with AWS

AWS has released a new whitepaper that has been requested by many AWS customers: AWS Policy Perspectives: Data Residency. Data residency is the requirement that all customer content processed and stored in an IT system must remain within a specific country’s borders, and it is one of the foremost concerns of governments that want to […]

Read More

AWS Adds 16 More Services to Its PCI DSS Compliance Program

AWS has added 16 more AWS services to its Payment Card Industry Data Security Standard (PCI DSS) compliance program, giving you more options, flexibility, and functionality to process and store sensitive payment card data in the AWS Cloud. The services were audited by Coalfire to ensure that they meet strict PCI DSS standards. The newly compliant AWS services are: Amazon […]

Read More

Amazon Web Services Is the First Global Cloud Service Provider to Achieve the Korea-Information Security Management System Certification

Scope of certification: Operation of infrastructure in the AWS Asia Pacific (Seoul) Region Period of validity: December 27, 2017, through December 26, 2020 Amazon Web Services (AWS) has achieved the Korea-Information Security Management System (K-ISMS) Certification. The Korea Internet and Security Agency (KISA) completed its assessment of AWS, which covered the operation of infrastructure (such […]

Read More

EU Compliance Update: AWS’s 2017 C5 Assessment

May 22, 2019 update: We’ve removed a reference to the IT-Grundschutz Certification Workbook. AWS now recommends that customers refer to the Cloud Computing Compliance Controls Catalog (C5) instead. Learn more about C5 here: https://aws.amazon.com/compliance/bsi-c5/ AWS has completed its 2017 assessment against the Cloud Computing Compliance Controls Catalog (C5) information security and compliance program. Bundesamt für […]

Read More

A New Guide to Banking Regulations and Guidelines in India

The AWS User Guide to Banking Regulations and Guidelines in India was published in December 2017 and includes information that can help banks regulated by the Reserve Bank of India (RBI) assess how to implement an appropriate information security, risk management, and governance program in the AWS Cloud. The guide focuses on the following key […]

Read More

Two New Documents to Help You Navigate Australian Prudential Regulation Authority (APRA) Requirements

Note from May 28, 2020: The features and services described in this post have changed since the post was published and the procedures described might be out of date and no longer accurate. Please see https://aws.amazon.com/blogs/security/new-guidance-navigate-australian-prudential-regulation-authority-requirements/ for the most recent information. AWS has published two new documents to help Financial Services customers understand how to […]

Read More

AWS Updated Its ISO Certifications and Now Has 67 Services Under ISO Compliance

AWS has updated its certifications against ISO 9001, ISO 27001, ISO 27017, and ISO 27018 standards, bringing the total to 67 services now under ISO compliance. We added the following 29 services this cycle: • Amazon Aurora • Amazon S3 Transfer Acceleration • AWS Lambda@Edge • Amazon Cloud Directory • Amazon SageMaker • AWS Managed […]

Read More

A New AWS Government, Education, and Nonprofits Blog Post: “AWS Achieves Full Empanelment for the Delivery of Cloud Services by India’s Ministry of Electronics and Information Technology”

AWS recently announced that Amazon Internet Services Private Limited (AISPL), an Indian subsidiary of the Amazon Group that undertakes the resale and marketing of AWS Cloud services in India, has achieved full Cloud Service Provider (CSP) empanelment and successfully completed the Standardization Testing and Quality Certification (STQC) audit from the Indian Ministry of Electronics and […]

Read More

Introducing the New GDPR Center and “Navigating GDPR Compliance on AWS” Whitepaper

At AWS re:Invent 2017, the AWS Compliance team participated in excellent engagements with AWS customers about the General Data Protection Regulation (GDPR), including discussions that generated helpful input. Today, I am announcing resulting enhancements to our recently launched GDPR Center and the release of a new whitepaper, Navigating GDPR Compliance on AWS. The resources available […]

Read More