AWS has launched the AWS Trust Center, an online resource that explains how the company secures its customers' assets in the cloud.
With AWS Trust Center, the company provides a view into the company's security practices, compliance programs, and data protection controls. Chris Betz, a CISO at AWS, writes:
In the Trust Center, you’ll find information about our approach to security at every level—from our physical data centers to our cloud infrastructure and portfolio of cloud services. We’re including documentation about our security services and tools, helping you understand how we secure the cloud and how we help you secure your workloads within it.
The Trust Center provides essential information about AWS’s data protection and privacy practices, including encryption management and operator access controls based on the principle of least privilege. AWS customers can learn about the company's zero-access designs for key services like AWS Key Management Service (AWS KMS) and Amazon EC2, as well as our global monitoring systems.
Additionally, the Trust Center serves as a central hub for service health and security events, offering access to security bulletins and real-time service status. Customers can easily report security concerns and find resources, agreements, and documentation to help them make informed decisions about their cloud security posture.
Rowan Udell, an AWS security consultant, tweeted:
AWS now has a central location for security and trust content
I'm hoping this makes it easier to reference and share the security and compliance material - It was a bit all over the place, given the size of AWS these days!
In addition, a question was asked in a LinkedIn Post by Jeff Barr on AWS Trust Center if AWS Artifact, which provides on-demand downloads of AWS security and compliance documents, will be replaced. AWS Expert John Krull replied:
It looks like the Trust Center is more generalized and accessible. You need to access Artifact via an account, and the agreements can be accepted under NDA. I think Trust Center will have a wider audience, and I plan to use it to demonstrate AWS's commitment to security (as job # 0) to business leadership and tech.
Lastly, AWS is not the only hyperscaler offering a trust Center. Other Hyperscalers like Microsoft and Google have similar Trust centers: Microsoft Trust Center provides comprehensive information on security, privacy, compliance, and transparency for Microsoft's products and services, including Azure, while Google Cloud Trust Center focuses on security, compliance, and privacy to help organizations trust their cloud services.
About the Author
