Cloud security at AWS is the highest priority. AWS cloud allows customers to scale and innovate, while maintaining a secure environment.
AWS Cloud Security and Compliance covers following aspects of AWS Security
- Infrastructure Security
- Infrastructure Resilience
- Data Encryption
- Monitoring and Logging
- Identity and Access Control
- Compliance Assurance Programs
- Security Support
- Standards and Best Practices
For certain laws and regulations, AWS offers security features, enablers, and legal agreements
(such as the AWS Data Processing Agreement and Business Associate Addendum) for supporting customer compliance.
For example, HIPAA does not have an official certification. But AWS provides a business associates agreement (BAA) which clarifies
security responsibilities and HIPAA eligible services. It is the cloud customer’s responsibility to make sure they are properly following this BAA and managing their responsibilities,
in order to remain compliant with HIPAA.