{"id":36687,"date":"2021-05-27T19:23:20","date_gmt":"2021-05-27T19:23:20","guid":{"rendered":"https:\/\/www.vmengine.net\/2021\/05\/27\/aws-compliance-the-future-of-regulations\/"},"modified":"2025-05-23T17:31:43","modified_gmt":"2025-05-23T17:31:43","slug":"aws-compliance-the-future-of-regulations","status":"publish","type":"post","link":"http:\/\/54.220.100.23\/en\/2021\/05\/27\/aws-compliance-the-future-of-regulations\/","title":{"rendered":"AWS Compliance, the Future of Regulations"},"content":{"rendered":"<div class=\"et_pb_section et_pb_section_292 et_section_regular\" >\n<div class=\"et_pb_row et_pb_row_390\">\n<div class=\"et_pb_column et_pb_column_4_4 et_pb_column_396  et_pb_css_mix_blend_mode_passthrough et-last-child\">\n<div class=\"et_pb_module et_pb_text et_pb_text_1063  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<p>The benefits of <strong>Cloud Computing<\/strong> are now well known, having your information at your fingertips wherever you are is certainly the main advantage. At the same time, the cloud model also introduces <strong>security<\/strong> and privacy risks, not only for individuals, but also and above all for companies. Security and privacy in the cloud are the result of an integration of <strong>technologies<\/strong>, <strong>controls,<\/strong> <strong>processes<\/strong> and<strong> policies.<\/strong><\/p>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_cta_153 et_animated et_pb_promo  et_pb_text_align_center et_pb_bg_layout_light\">\n<div class=\"et_pb_promo_description et_multi_view_hidden\"><\/div>\n<div class=\"et_pb_button_wrapper\"><a class=\"et_pb_button et_pb_promo_button\" href=\"https:\/\/temp_new.vmenginelab.com\/2021\/04\/28\/php-fa-tremare-il-web-server-git-violato\/\" target=\"_blank\">PHP Shakes the Web: Git Server Hacked<\/a><\/div>\n<\/p><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1064  et_pb_text_align_center et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<h2>  Compliance requirements. What is it about?<\/h2>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_image et_pb_image_297\">\n<p>\t\t\t\t<span class=\"et_pb_image_wrap \"><img decoding=\"async\" src=\"http:\/\/temp_new.vmenginelab.com\/wp-content\/uploads\/2021\/05\/GDPR-2.jpg\" alt=\"\" title=\"GDPR\"  sizes=\"(max-width: 740px) 100vw, 740px\" class=\"wp-image-33350\" \/><\/span>\n\t\t\t<\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1065  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<p>The security and traceability of data in virtual clouds is governed by compliance requirements, which ensure compliance with the laws and regulations that apply to the use of cloud computing.<\/p>\n<p>Compliance allows you to assess the provider&#8217;s ability to meet compliance requirements with laws, regulations, and customer\/business standards. It typically includes compliance with privacy regulations (e.g., <a href=\"https:\/\/www.garanteprivacy.it\/il-testo-del-regolamento\">GDPR),<\/a> the geographic location of data centers and consequently of the data, any insurance coverage in the event of a data breach, and the willingness to provide evidence of compliance with standards and regulations.<\/p>\n<p>The GDPR is the General Data Protection Regulation 2016\/679 (GDPR) is the main European legislation on the protection of personal data.<\/p>\n<p><em>&#8220;With the European regulation, we move from a proprietary view of the data, according to which it cannot be processed without consent, to a vision of control of the data, which favors the free movement of the same while strengthening the rights of the data subject, who must be able to know if his data are used and how they are used to protect him and the entire community from the risks inherent in the processing of data.&#8221;<\/em><\/p>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1066  et_pb_text_align_center et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<h2>What are AWS compliant compliances to be compliant?<\/h2>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1067  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<p style=\"text-align: center;\">\n<p><a href=\"https:\/\/aws.amazon.com\/it\/\">Amazon Web Services<\/a>, in addition to ensuring its own compliance, offers global <a href=\"https:\/\/aws.amazon.com\/it\/compliance\/programs\/\">compliance proposals<\/a> to its partners and is committed to ensuring services and resources that enable customers to comply with the requirements of the GDPR applicable to their businesses.<\/p>\n<p>Compared to our reference area <strong>, here are some of the compliances<\/strong> made available by<strong> AWS<\/strong>:<\/p>\n<ul>\n<li><strong>CISPE<\/strong> (Cloud Infrastructure Services Providers in Europe) is a union of cloud computing leaders serving millions of customers in Europe. The CISPE Code of Conduct allows customers to be confident that their cloud infrastructure provider is using appropriate data protection standards to comply with the current GDPR.<\/li>\n<li><strong>Cyber Essentials<\/strong> defines the necessary technical controls. The audit framework shows how the independent audit process for Cyber Essentials Plus certification works through an annual external assessment by an accredited entity. Due to the regional nature of the certification, the scope of certification is limited to the Europe (Ireland) and Europe (London) regions.<\/li>\n<li><strong>ISO 9001<\/strong> outlines an approach based on the processes of documenting and controlling the structure, responsibilities and procedures necessary to achieve a satisfactory level of quality management within an organization.<\/li>\n<li><strong>ISO\/IEC 27001<\/strong> is a standard that specifies best practices for security management and comprehensive security controls based on the best practice guidance of the ISO\/IEC 27002 standard. The foundation of this certification is the development and implementation of a rigorous security program, which is an information security management system that defines how AWS continuously manages security holistically and comprehensively.<\/li>\n<li>PCI<strong> DSS<\/strong> applies to entities that store, process, or transmit cardholder data (CHD) or sensitive authentication data (SAD), including merchants, data processors, acquirers, issuers, and service providers. PCI DSS is mandated by credit card issuers and is managed by the Payment Card Industry Security Standards Council.<\/li>\n<li><strong>System and Organization Controls<\/strong> (SOC) reports are independent third-party analytical reports that document how AWS has achieved optimal compliance goals and controls. The purpose of these reports is to help customers and their controllers gather information about the controls created by AWS to support operations and compliance.<\/li>\n<\/ul>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1068  et_pb_text_align_center et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<h2><strong>AWS and Gaia-x<\/strong><\/h2>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_image et_pb_image_298\">\n<p>\t\t\t\t<span class=\"et_pb_image_wrap \"><img decoding=\"async\" src=\"http:\/\/temp_new.vmenginelab.com\/wp-content\/uploads\/2021\/05\/GAIA-X_Web-2.jpg\" alt=\"\" title=\"GAIA-X_Web\"  sizes=\"(max-width: 740px) 100vw, 740px\" class=\"wp-image-33352\" \/><\/span>\n\t\t\t<\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1069  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<p style=\"text-align: center;\">\n<p>At the Digital Summit 2019, the European <a href=\"https:\/\/www.data-infrastructure.eu\/\">Gaia-x<\/a> project was presented by the German government. Gaia-x aims to set <strong>common goals<\/strong> for a Europe-wide data infrastructure. More than <strong>100 European companies and 17 research countries<\/strong> are already part of the initiative, and other European and international players will be invited to take part in the project.<\/p>\n<p><em>&#8220;An open digital ecosystem is needed to enable European companies and business models to compete globally. This ecosystem should enable both the digital sovereignty of cloud service users and the scalability of European cloud providers.&#8221;<\/em><\/p>\n<p>Among the international players that will be able to contribute to the development of Gaia-x there is also the collaboration of <strong>Amazon Web Services<\/strong> (as well as other players such as Microsoft, Google, Aruba). Certainly, taking part in this project represents a turning point for AWS, especially for the management and control of data that will no longer have to be moved overseas, but can be managed within the European Union.<br \/>All this makes it much easier for public bodies to use the virtual cloud.<\/p>\n<p>&nbsp;<\/p>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_cta_154 et_pb_promo  et_pb_text_align_center et_pb_bg_layout_dark\">\n<div class=\"et_pb_promo_description\">\n<h2 class=\"et_pb_module_header\">Are you interested in finding out what are the advantages of the Cloud for Public Administration?<\/h2>\n<\/div>\n<div class=\"et_pb_button_wrapper\"><a class=\"et_pb_button et_pb_promo_button\" href=\"https:\/\/temp_new.vmenginelab.com\/en\/aws-cloud-enablement-per-la-pa\/\" target=\"_blank\">Enablement PA<\/a><\/div>\n<\/p><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1070  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<p>In November 2011 a select group of European companies, including the EuroCloud EU association, drafted a report on the European Cloud Computing Strategy. 10 recommendations and actions to be taken delivered to the European Commission&#8217;s Vice President for the Digital Agenda Neelie Kroes. In January 2012 at the World Economic Forum in Davos, Vice President Neelie Kroes Kroes founded the European Cloud Partnership.<br \/>The European Cloud Partnership was led by representatives from the IT and telecommunications industry, as well as policymakers from the European government (the name of Amazon&#8217;s current CTO Werner Vogels is also among the many members).<br \/>In February 2014, it completed a report entitled &#8220;Trusted Cloud Europe&#8221;, which outlined a process for effective participation of the public and private sectors in the development of cloud computing in Europe.<br \/>Unfortunately, traces of the ECP were lost in 2014, when the European Commission invited external parties to participate in a discussion forum and complete an online survey in response to the report.<\/p>\n<p style=\"text-align: center;\">Will it be possible to have a European plan this time or will <strong>Gaia-x<\/strong> also fall into oblivion?<\/p>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_cta_155 et_pb_promo  et_pb_text_align_center et_pb_bg_layout_light\">\n<div class=\"et_pb_promo_description et_multi_view_hidden\"><\/div>\n<div class=\"et_pb_button_wrapper\"><a class=\"et_pb_button et_pb_promo_button\" href=\"https:\/\/temp_new.vmenginelab.com\/en\/contacts\/\" target=\"_blank\">Request a call with a specialist<\/a><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>AWS Compliance, Everything You Need to Know to Be Globally Compliant<\/p>\n","protected":false},"author":6,"featured_media":33349,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[97],"tags":[],"class_list":["post-36687","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-en"],"aioseo_notices":[],"jetpack_featured_media_url":"http:\/\/54.220.100.23\/wp-content\/uploads\/2021\/05\/GDPR_Animation_750x400-1.gif","amp_enabled":true,"_links":{"self":[{"href":"http:\/\/54.220.100.23\/en\/wp-json\/wp\/v2\/posts\/36687","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/54.220.100.23\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/54.220.100.23\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/54.220.100.23\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"http:\/\/54.220.100.23\/en\/wp-json\/wp\/v2\/comments?post=36687"}],"version-history":[{"count":1,"href":"http:\/\/54.220.100.23\/en\/wp-json\/wp\/v2\/posts\/36687\/revisions"}],"predecessor-version":[{"id":41603,"href":"http:\/\/54.220.100.23\/en\/wp-json\/wp\/v2\/posts\/36687\/revisions\/41603"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/54.220.100.23\/en\/wp-json\/wp\/v2\/media\/33349"}],"wp:attachment":[{"href":"http:\/\/54.220.100.23\/en\/wp-json\/wp\/v2\/media?parent=36687"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/54.220.100.23\/en\/wp-json\/wp\/v2\/categories?post=36687"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/54.220.100.23\/en\/wp-json\/wp\/v2\/tags?post=36687"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}