Category: Security, Identity, & Compliance

Many organizations around the world, such as government agencies, financial institutions, and nonprofits, are required to maintain and securely store their data long term to comply with regulatory and business requirements. One way to fulfill such requirements is via a centralized immutable backup solution that creates and stores secure and immutable backups of their data […]

As companies shift high-performance workloads toward cloud solutions, data storage and data protection go side-by-side. Many companies have both internal and external security rules and regulations they must adhere to when storing their data. Amazon FSx for Lustre offers fully managed, scalable file systems for fast-processing workloads, providing secure, shared access to your users. In […]

Having a disaster recovery (DR) strategy is an essential part of business continuity and is an important part of designing your workload for resilience. Resilience means that your application, and its supporting infrastructure, always performs its intended functions correctly and consistently over time. In some cases, customers who host their primary workloads on the cloud […]

UPDATE (7/7/2022): We’ve revised this blog post to align with the latest AWS security best practices. We’ve removed the step of adding an AWS Identity and Access Management (IAM) user, and replaced it with using an EC2 instance profile when the source server is an EC2 instance (the AWS Replication Agent also retrieves credentials automatically from […]

UPDATE 11/04/2025: On October 30, 2025, AWS Backup announced support for copying database snapshots across AWS Regions and accounts using a single copy action. This feature supports Amazon RDS, Amazon Aurora, Amazon Neptune, and Amazon DocumentDB snapshots and eliminates the need for sequential copying steps. The guidance within this blog is still be valid when […]

As more organizations look to operate faster and at scale, they need ways to meet critical compliance requirements and improve data security. Encryption is a critical component of a defense in depth strategy, and when used correctly, can provide an additional layer of protection above basic access control. However, workloads that access millions or billions […]

Organizations are often required to store files, images, and other digital assets in a repository. In many cases, the source of these files are partners or individuals who are not connected to internal systems and requires corporate authentication in order to upload the files. Customers traditionally use servers to handle file uploads, which can use […]

Centralizing and automating data protection helps you support your business continuity and regulatory compliance goals. Backup compliance includes the ability to define and enforce backup policies to encrypt your backups, protect them from manual deletion, prevent changes to your backup lifecycle settings, and audit and report on backup activity from a centralized console. A common […]

Customers who use the AWS Transfer Family service are typically exchanging files with their business partners who provide them with SSH public keys. In a large-scale deployment of the AWS Transfer Family service, public key management eventually becomes a time-consuming task to refresh expired keys and rotate keys for security. When using custom identity providers (custom IdP), […]

Data protection is critical for most customers seeking to safeguard information, maintain compliance, secure applications, and more. Protecting data can become challenging when different entities or personas need different levels of access to data. In Amazon S3, access control can be managed with tools like AWS Identity and Access Management (IAM) policies, bucket policies, access […]