Grant date: 2017-01-28 Valid to: 2017-12-28
Amazon(AWS) aiming at the security throneAmazon Web Services, nominated by many as the king of Cloud, have consistently outperformed their competitors. While they were placed most favourably in Gartner’s magic quadrant, the king was not so royal when it came to security in the past years. This has now changed and AWS is now also catching up with security aiming at being also on the top with security. They have demonstrated that security is a top priority to them by complying with numerous local and international security standards, ensuring resiliency, understanding and promoting security architectures and ensuring security of tenant data. Not only are they ensuring securing of their own infrastructure AWS is also more and more offering security services to their tenants.
Due to Amazon S3 Service Disruption in the Northern Virginia (US-EAST-1) region we have downgraded the rating from A to A-. This outage shows that AWS still have a few challenges around their fault tolerant design of all the components of their infrastructure. Given that it took around four hours to recover indicates that also their recovery capability can be improved.
Additional information:AWS Information Security Rating Report - External
In the external rating report, you will find IISRI’s opinion on how the cloud provider ensures Privacy and Intellectual property rights of tenants. IISRI discusses and analyses further if and how the cloud provider uses and provides encryption to protect data of their tenants. As for physical security IISRI considers different environmental risks, like earthquakes and floods, especially since in most cases cloud providers disclaim any kind of liability for force majeure events. IISRI will also then elaborate on the cloud provider’s capability to cope with outages and to provide their tenants different types of failover options within and outside their location. In this report, you will also find IISRI’s analysis of human resource security and security compliance with standards of the cloud provider. IISRI forms also an opinion about the cloud provider’s capability to manage vulnerabilities and security incidents. The report also depicts IISRI’s analysis of the cloud provider’s service levels to ensure the appropriate level of security to their tenants and otherwise compensations according to best practices. This and many other security aspects are discussed in this report. You can buy the rating report below.
See a sample page of our reports
Show rating scope