Overview

Amazon Web Services (AWS) is Esquema Nacional de Seguridad (ENS) High certified. This certification establishes security standards that apply to all government agencies and public organizations in Spain, and service providers on which the public services are dependent on.

ENS logo

Page topics

FAQs
5

FAQs

Open all

The ENS (Esquema Nacional de Seguridad) accreditation scheme has been developed by the Ministry of Finance and Public Administration and the CCN (National Cryptologic Centre). This comprises of basic principles and minimum requirements necessary for the adequate protection of information.

To achieve ENS High certification, AWS was successfully audited by an accredited independent assessor.

The ENS (Esquema Nacional de Seguridad) is a Spanish certification that was developed as part of Royal Decree 311/2022 on May 3rd 2022. Royal Decree 311/2022 was published in accordance to the earlier Spanish decrees, Royal Decree 3/2010 and Royal Decree 421/2004, which provided the National Cryptologic Centre the functionality to create and disseminate the standards, guides, and recommendations relating to information security.

The current ENS standard was designed and released by the Spanish National Cryptologic Centre and establishes security measures that service providers must adhere to so Spanish government agencies and customers meet the requirements set forth by Royal Decree 311/2022.

ENS High covers 31 AWS Regions worldwide, including Spain. The detailed AWS Regions list is available in the certificate.

The covered AWS services that are already in scope for ENS can be found on the AWS Services in Scope by Compliance Program page. If you would like to learn more about using these services and/or have interest in other services please contact us.

Yes, AWS together with the National Cryptologic Centre have created a set of guidelines that customers can use to align with the security controls described in the High category of the ENS. AWS allows customers to verify ENS compliance of their security controls to the 800 CCN STIC guidelines for ENS using Prowler, an open-source security tool customers can integrate with AWS Security Hub to perform security configuration checks within their AWS environment. In addition, customers can launch open-source conformance pack templates within AWS Config to create security checks, allowing customers to personalize and align them with the ENS. The following links indicate the 800 CCN STIC guidelines and tools that maybe used to align with the security controls described in the ENS.
Have Questions? Connect with an AWS Business Representative
Exploring compliance roles?
Apply today »
Want AWS Compliance updates?
Follow us on Twitter »