Security of the cloud

Cloud Security Alliance Consensus Assessment Initiative Questionnaire

https://d1.awsstatic.com/whitepapers/compliance/CSA_Consensus_Assessments_Initiative_Questionnaire.pdf

The CSA Consensus Assessment Initiative Questionnaire provides a set of questions that the CSA anticipates a cloud consumer and/ or auditor would ask a cloud provider. It provides a series of security, control, and process questions that can then be used for a wide range of cases, including cloud vendor selection and security assessment. This document contains AWS’s responses to the CSA questionnaire.

Risks and Regulatory Compliance on AWS:

https://d1.awsstatic.com/whitepapers/compliance/AWS_Risk_and_Compliance_Whitepaper.pdf

This document addresses AWS specific information on general cloud computing compliance subjects. It provides detailed descriptions of all AWS third-party certifications, programs, reports, and attestations.

AWS Data Centers Security Checks Web Page:

https://aws.amazon.com/compliance/data-center/controls

Many questionnaires have a complete section with questions related to the physical security of data centers. This website provides information about some of our physical and environmental controls.

Virtual Tour of an AWS Data Center:

https://aws.amazon.com/compliance/data-center/data-centers/

Learn key aspects about how we build our data centers to provide you with security in the following layers:

  • Perimeter Layer
  • Infrastructure Layer
  • Data Layer
  • Environmental Layer

If you require more detailed information about security of the cloud in AWS, or if your auditor is asking you about security of the cloud that you can not find in the sources mentioned before, another resource available for review is the “Standardized Information Gathering (GIS) Questionnaire” report at AWS Artifact which includes an excel document with multiple detailed questions about data center controls and their answers.

Mindmap: Reasons why you are more secure on AWS Cloud than on-prem

https://www.xmind.net/m/dkJLPe/