AWS best practices

As we partner with AWS, you can be confident that your platform runs securely, and your business has the most flexible and secure cloud computing environment available today.

All data is hosted in AWS data centers and within a network architected to protect your information, identities, applications, and devices. That means that you know that your business is always supported by core security and compliance requirements, such as data locality, protection, and confidentiality within our comprehensive partnering services and features.

The benefits you get from the AWS Security platform are among others, that you can scale your business easily and that your solution is built with the highest standards for privacy and data security infrastructure and the most comprehensive security and compliance controls into a scalable platform for event management, testing, and auditing.

Data storage

With AWS, you control where your data is stored, who can access it, and what resources your organization is consuming at any given moment. Fine-grain identity and access controls combined with continuous monitoring for near real-time security information ensures that the right resources have the right access at all times, wherever your information is stored. Reduce risk as you scale by using security automation and activity monitoring services to detect suspicious security events, like configuration changes, across your ecosystem. You can even integrate the services with your existing solutions to support existing workflows, streamline your operations, and simplify compliance reporting.

AWS is vigilant about your privacy. Because customers care deeply about data security, a world-class team of security experts monitors the systems 24×7 to protect your content. With the AWS hosted solution, you build on the most secure global infrastructure, knowing you always own your data, including the ability to encrypt it, move it, and manage retention. All data flowing across the AWS global network that interconnects datacenters and regions is automatically encrypted at the physical layer before it leaves our secured facilities. Additional encryption layers exist as well; for example, all VPC cross-region peering traffic, and customer or service-to-service TLS connections.

AWS tools allow you to easily encrypt data in transit and at rest to help ensure that only authorized users can access it, using keys managed by our AWS Key Management System (KMS) or managing your own encryption keys with CloudHSM using FIPS 140-2 Level 3 validated HSMs. AWS also gives you the control and visibility to help demonstrate that you comply with regional and local data privacy laws and regulations. The design of the global infrastructure allows you to retain complete control over the regions in which your data is physically located, helping you meet data residency requirements.

Choose a different country to view content for your location.