Designed for Security
The AWS cloud infrastructure is housed in AWS’s data centres, designed to satisfy the requirements of the most security-sensitive customers. The AWS infrastructure has been designed to provide the highest availability while putting strong safeguards in place regarding customer privacy and segregation.
The AWS infrastructure is protected by extensive network and security monitoring systems.. In addition, AWS infrastructure components are continuously scanned and tested. The AWS production network is segregated from the Amazon corporate network, and access to this network is monitored and reviewed on a daily basis by AWS security managers.The AWS production network is segregated from the Amazon corporate network and requires a separate set of credentials for access, consisting of SSH public-key authentication through a bastion host using an MFA token. This access is monitored and reviewed on a daily basis by AWS security managers.
AWS builds its data centres in multiple geographic regions as well as across multiple Availability Zones within each region to offer maximum resiliency against system outages. AWS designs its data centres with significant excess bandwidth connections so that if a major disruption occurs there is sufficient capacity to enable traffic to be load-balanced to the remaining sites, minimising the impact on you.
Each certification means that an auditor has verified that specific security controls are in place and operating as intended. To help you meet specific government, industry, and company security standards and regulations, AWS provides certification reports that describe how the AWS Cloud infrastructure meets the requirements of an extensive list of global security standards, including: ISO 27001, SOC, the PCI Data Security Standard, FedRAMP, the Australian Signals Directorate (ASD) Information Security Manual, and the Singapore Multi-Tier Cloud Security Standard (MTCS SS 584). For more information about the security regulations and standards with which AWS complies, see the AWS Compliance page.