AWS Security Blog

Tag: Financial Services

Disaster recovery compliance in the cloud, part 2: A structured approach

Compliance in the cloud is fraught with myths and misconceptions. This is particularly true when it comes to something as broad as disaster recovery (DR) compliance where the requirements are rarely prescriptive and often based on legacy risk-mitigation techniques that don’t account for the exceptional resilience of modern cloud-based architectures. For regulated entities subject to […]

Read More

Disaster recovery compliance in the cloud, part 1: Common misconceptions

Compliance in the cloud can seem challenging, especially for organizations in heavily regulated sectors such as financial services. Regulated financial institutions (FIs) must comply with laws and regulations (often in multiple jurisdictions), global security standards, their own corporate policies, and even contractual obligations with their customers and counterparties. These various compliance requirements may impose constraints […]

Read More

OSPAR 2021 report now available with 127 services in scope

We are excited to announce the completion of the third Outsourced Service Provider Audit Report (OSPAR) audit cycle on July 1, 2021. The latest OSPAR certification includes the addition of 19 new services in scope, bringing the total number of services to 127 in the Asia Pacific (Singapore) Region. You can download our latest OSPAR […]

Read More

AWS publishes FINMA ISAE 3000 Type 2 attestation report for the Swiss financial industry

May 4, 2021: We’ve added links to download this post translated into French or German. March 23, 2021: We’ve updated this post to note that the report covers 22 global AWS Regions. Gaining and maintaining customer trust is an ongoing commitment at Amazon Web Services (AWS). Our customers’ industry security requirements drive the scope and […]

Read More

Over 150 AWS services now have a security chapter

We’re happy to share an update on the service documentation initiative that we first told you about on the AWS Security Blog in June, 2019. We’re excited to announce that over 150 services now have dedicated security chapters available in the AWS security documentation. In case you aren’t familiar with the security chapters, they were […]

Read More

Learn and use 13 AWS security tools to implement SEC recommended protection of stored customer data in the cloud

Most businesses collect, process, and store sensitive customer data that needs to be secured to earn customer trust and protect customers against abuses. Regulated businesses must prove they meet guidelines established by regulatory bodies. As an example, in the capital markets, broker-dealers and investment advisors must demonstrate they address the guidelines proposed by the Office […]

Read More

OSPAR 2020 report now available with 105 services in scope

We are excited to announce the addition of 41 new services in the scope of our latest Outsourced Service Provider Audit Report (OSPAR) audit cycle, for a total of 105 services in the Asia Pacific (Singapore) Region. The newly added services include: AWS Security Hub, which gives you a comprehensive view of high-priority security alerts […]

Read More

How financial institutions can approve AWS services for highly confidential data

January 18, 2021: We made minor updates to this post, such as updating the number of services in scope for SOC compliance from 122 to 124. July 21, 2020: The number of services in scope for SOC compliance was updated from 116 to 122. Also, more than 55 AWS services now have support for VPC […]

Read More

Tips for building a cloud security operating model in the financial services industry

My team helps financial services customers understand how AWS services operate so that you can incorporate AWS into your existing processes and security operations centers (SOCs). As soon as you create your first AWS account for your organization, you’re live in the cloud. So, from day one, you should be equipped with certain information: you […]

Read More