Provide evidence of encryption for customer data stored in AWS

As I prepare to launch my subscription-based web application, it’s important to note that it deals with sensitive health care data. Due to the nature of the data, my customers are understandably concerned about its security in the cloud. I’m wondering if there are any official certificates or information from AWS that I can provide to assure my customers that their data will be encrypted and protected in any storage used by my application.


Solution 1:

From What is AWS Artifact:

AWS Artifact offers the convenient option to download AWS security and compliance documents, also referred to as audit artifacts. These documents, including AWS ISO certifications, Payment Card Industry (PCI), and Service Organization Control (SOC) reports, can be presented to auditors or regulators to showcase the security and compliance of the AWS infrastructure and services that you utilize. Additionally, these documents can serve as a guide for evaluating your own cloud architecture and assessing your company’s internal controls’ effectiveness. It is important to note that AWS Artifact only provides AWS-related documents, and it is the responsibility of AWS customers to acquire or create documents that demonstrate their companies’ security and compliance.

Although AWS’s function is clarified, it is also essential to demonstrate proper utilization of the cloud, including confirming the identities of users and avoiding the publicizing of buckets.

Solution 2:

There is no existing document available, so you must apply and receive the certificate. AWS is compliant regarding the security of the cloud, but it is your responsibility to ensure security within the cloud. AWS Artifact serves as a repository.

  • To oversee the arrangement of your stack and fix any configurations, you can utilize AWS Config.
  • CloudWatch, an AWS service, is capable of overseeing the system’s operations, issuing notifications, and triggering Lambda functions.
  • The monitoring of API calls will be carried out by AWS CloudTrail.
  • It is recommended to inspect your buckets for any Personally Identifiable Information. After that, you can enable encryption and select the appropriate Key Management System (KMS).

Here are a few services worth noting. Kind regards.
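
One way to turn the bucket checks from the two answers (default encryption, KMS key in use, no public buckets) into a per-bucket evidence record for customers or auditors, as an added example that is not part of the original answers. It assumes you have saved the JSON printed by `aws s3api get-bucket-encryption` and `aws s3api get-public-access-block` for each bucket; the bucket names and key ARN below are constructed placeholders.

```python
import json

# Constructed sample, shaped like the JSON the two AWS CLI calls print.
# None means the call returned no configuration for that bucket.
SAMPLE = {
    "example-patient-records": {
        "encryption": {"ServerSideEncryptionConfiguration": {"Rules": [
            {"ApplyServerSideEncryptionByDefault": {
                "SSEAlgorithm": "aws:kms",
                "KMSMasterKeyID": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
             "BucketKeyEnabled": True}]}},
        "public_access_block": {"PublicAccessBlockConfiguration": {
            "BlockPublicAcls": True, "IgnorePublicAcls": True,
            "BlockPublicPolicy": True, "RestrictPublicBuckets": True}},
    },
    "example-static-assets": {
        "encryption": {"ServerSideEncryptionConfiguration": {"Rules": [
            {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}},
        "public_access_block": None,
    },
}

PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")

def bucket_evidence(name, encryption, public_access_block):
    """Summarise one bucket's encryption and public-access settings."""
    sse = (encryption or {}).get("ServerSideEncryptionConfiguration") or {}
    defaults = [r.get("ApplyServerSideEncryptionByDefault", {})
                for r in sse.get("Rules", [])]
    algorithms = sorted({d["SSEAlgorithm"] for d in defaults if "SSEAlgorithm" in d})
    kms_keys = sorted({d["KMSMasterKeyID"] for d in defaults if "KMSMasterKeyID" in d})
    pab = (public_access_block or {}).get("PublicAccessBlockConfiguration", {})
    missing = [flag for flag in PAB_FLAGS if not pab.get(flag, False)]
    findings = []
    if not algorithms:
        findings.append("no default encryption rule returned")
    if missing:
        findings.append("public access block not fully enabled: " + ", ".join(missing))
    return {"bucket": name, "sse_algorithms": algorithms, "kms_keys": kms_keys,
            "public_access_fully_blocked": not missing, "findings": findings}

def evidence_report(buckets):
    """Build the evidence list for every bucket, sorted by name."""
    return [bucket_evidence(name, b.get("encryption"), b.get("public_access_block"))
            for name, b in sorted(buckets.items())]

if __name__ == "__main__":
    print(json.dumps(evidence_report(SAMPLE), indent=2))
```

The resulting JSON can be filed alongside the AWS Artifact reports: those cover AWS's side, and this record covers how your own buckets are configured.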
