AWS Security Blog
Tag: PCI DSS
Now Available: Videos from re:Invent 2016 Security and Compliance Sessions
Whether you want to review a Security and Compliance track session you attended at AWS re:Invent 2016 or you want to experience a session for the first time, videos from the Security and Compliance track and re:Source Mini Con for Security Services are now available. Note: Slide decks also will be available in the coming […]
AWS Becomes First Cloud Service Provider to Adopt New PCI DSS 3.2
We are happy to announce the availability of the Amazon Web Services PCI DSS 3.2 Compliance Package for the 2016/2017 cycle. AWS is the first cloud service provider (CSP) to successfully complete the assessment against the newly released PCI Data Security Standard (PCI DSS) version 3.2, 18 months in advance of the mandatory February 1, 2018, deadline. […]
How to Help Protect Sensitive Data with AWS KMS
August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. AWS Key Management Service (AWS KMS) celebrated its one-year launch anniversary in November 2015, and […]
Learn About re:Invent 2015 Compliance Sessions
As I mentioned previously, the breakout sessions for the Security & Compliance track at re:Invent 2015 have been announced. And in my most recent re:Invent post, I focused on the AWS Identity and Access Management (IAM) sessions that will be offered as part of the Security & Compliance track. Today, I want to highlight the […]
2015 AWS PCI Compliance Package Now Available
We’re happy to announce the availability (upon request) of the 2015 AWS PCI Compliance Package, an assessment completed against the newly released PCI Data Security Standard (PCI DSS) Version 3.1. The PCI DSS is a globally accepted security standard that customers use to support a wide range of sensitive workloads, including the processing and storage […]
How to Address the PCI DSS Requirements for Data Encryption in Transit Using Amazon VPC
The PCI requirements for encryption for data in transit are different for private networks than they are for public networks. When correctly designed, Amazon Virtual Private Cloud (Amazon VPC), a logically isolated portion of the AWS infrastructure that allows you to extend your existing data center network to the cloud, can be considered a private network, […]