External auditors test AWS Security against more than 2,600 requirements on any given day of the year. Each audit measures a facet of our overall security and compliance. We publish the results for our customers, making the certifications and reports readily available online. To us, that’s not just security, that’s security assurance.
Auditors assess AWS every day, “our internal bar has to be even higher than our external bar.” The work takes Beatrice and her team to our data centers and AWS Network Edge locations around the world to make sure facilities meet physical security and environmental benchmarks. “We are confidently compliant and work to provide transparency and insights to our customers.”
Beatrice and her team are the connection point between AWS stakeholders, like engineers and data center managers, and external auditors. “We are the translators bridging all sides. We work to decrease the impact of audits to AWS service teams, while also guaranteeing auditors get what they need to obtain assurance about our environment.” Beatrice’s team also actively engages auditors to advance compliance standards, helping ensure certification requirements evolve with the cloud.
Our customers have benefited from this overall compliance strategy. In 2017, AWS increased PCI DSS compliant services by more than 46%. That’s an astounding 850% increase since AWS first became PCI certified in 2010.