Category: Security, Identity, & Compliance

You can now better protect your organization’s identity data by encrypting Lightweight Directory Access Protocol (LDAP) communications between AWS Directory Service products (AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, and AD Connector) and self-managed Active Directory. Client-side secure LDAP (LDAPS) support enables applications that integrate with AWS Directory […]

Typically, when you protect data in Amazon Simple Storage Service (Amazon S3), you use a combination of Identity and Access Management (IAM) policies and S3 bucket policies to control access, and you use the AWS Key Management Service (AWS KMS) to encrypt the data. This approach is well-understood, documented, and widely implemented. However, many customers […]

I’m excited to share that the Defense Information Systems Agency (DISA) has authorized 12 additional AWS services and 2 features in AWS GovCloud (US) Regions. With these additional 12 services and 2 features, AWS now offers a total of 52 services authorized to process DoD mission critical data at Impact Levels (IL) 4 and 5 […]

November 19, 2020: AWS has an updated solution for implementing the automated response and remediation across multiple accounts. Please refer to the updated post on How to deploy the AWS Solution for Security Hub Automated Response and Remediation. AWS Security Hub is a service that gives you aggregated visibility into your security and compliance status […]

Following the award of PROTECTED certification to AWS in January 2019, we have now released updated Information Security Registered Assessors Program (IRAP) PROTECTED documentation via AWS Artifact. This information provides the ability to plan, architect, and self-assess systems built in AWS under the Digital Transformation Agency’s Secure Cloud Guidelines. The new documentation expands the scope […]

On January 6, 2020, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released an alert (AA20-006A) that highlighted measures for critical infrastructure to prepare for information security risks, but which are also relevant to all organizations. The CISA alert focuses on vulnerability mitigation and incident preparation. At AWS, security is our […]

AWS is continually expanding the scope of our compliance programs to help your organization run sensitive and regulated workloads. Today, we’re pleased to announce an additional array of AWS services that are available in the AWS US East/West and AWS GovCloud (US) Regions, marking a 17.7% increase in our number of FedRAMP authorizations since the […]

In June at re:Inforce 2019, AWS announced the general availability of AWS Security Hub, a security service that enables customers to centrally view and manage compliance checks and security findings across their AWS accounts. AWS Security Hub imports security findings from AWS Guard Duty, Amazon Inspector, Amazon Macie, and over 30 AWS partner security solutions. […]

We’re excited to announce the addition of 55 new services in scope under our latest Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) certification, for a total of 119 AWS services in scope. You can deploy environments onto AWS and inherit our HITRUST certification provided that you use only in-scope services and apply the […]

We’re pleased to announce that seven services have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS) certification, providing our customers more options to process and store their payment card data and architect their Cardholder Data Environment (CDE) securely in AWS. In the past year we have increased the […]