Nitro System security in context
The Nitro System design features discussed in this paper operate in the context of the full set of robust controls in place at AWS to maintain security and data protection in the AWS Cloud. This section provides a high-level overview of the relevant AWS security and compliance practices. As an AWS customer, you inherit all the best practices of the AWS policies, architecture, and operational processes built to satisfy the requirements of our most security-sensitive customers.
AWS environments are continuously audited, with certifications from accreditation bodies across geographies and verticals.
Infrastructure security
Security at AWS starts with our core infrastructure—the hardware, software, networking, and facilities that run AWS Cloud services. Custom-built for the cloud and designed to meet the most stringent security requirements in the world, our infrastructure is monitored 24/7 to help ensure the confidentiality, integrity, and availability of your customer data. With AWS you can build on the most secure global infrastructure, knowing you always own your customer data, including the ability to encrypt it, move it, and manage retention.
Physical access
Physical access to AWS data centers is strictly controlled, both at the perimeter and at building entry points by professional security staff using video surveillance, two-factor and biometric authentication, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All visitors are required to present identification and are signed in and continually escorted by authorized staff. AWS only provides data center access and information to employees and contractors who have a legitimate business need for such privileges.
When an employee no longer has a business need for these privileges, their access is immediately revoked, even if they remain an employee of Amazon or Amazon Web Services. All physical access to data centers by AWS employees is logged and audited routinely.
Media sanitization
Media storage devices used to store customer data are classified by AWS as Critical. AWS has exacting standards on how to install, service, and eventually destroy the devices when they are no longer useful. When a storage device has reached the end of its useful life, AWS decommissions media using techniques detailed in NIST 800-88.
Data protection
All data flowing across the AWS global network that interconnects our data centers and Regions is automatically encrypted at the physical layer before it is transmitted between our secured facilities. Additional encryption layers exist as well; for example, all inter-Region VPC peering traffic, and customer or service-to-service TLS connections. We provide tools that allow you to easily encrypt your customer data in transit and at rest to help ensure that only authorized users can access it, using keys you control managed by AWS KMS, or managing your own encryption keys with AWS CloudHSM.
We also give you the control and visibility you need to help you comply with regional and local data privacy laws and regulations. The design of our global infrastructure allows you to choose Regions in which your customer data is physically located, helping you meet data residency requirements.