Recent AWS Customer Success Stories & Videos

More AWS Customer Success Stories...

« Fedora 14 AMIs for Amazon EC2 | Main | CloudCamp coming to Seattle »


TrackBack URL for this entry:

Listed below are links to weblogs that reference AWS Receives ISO 27001 Certification:


Feed You can follow this conversation by subscribing to the comment feed for this post.

Colin Percival

Something I hear quite often is concerns about PCI compliance. I know there are issues here (e.g., the "on-site audit" requirement for level 1) but if Amazon can find some way to solve these I think it will be a very big deal.

Or we could all use Amazon FPS, of course... but Amazon needs to make it available internationally before that's an option.

Barry Cronin

Congratulations on getting this certification. The timing of this for me and my company couldn't be better.

Adam Auden

Some clarification on what the current situation with PCI-DSS is, and what your plans are to assist customers in being able to deploy systems which handle information which falls under its remit would be appreciated.


To be honest, we need you to offer an England data centre. Our app is perfect for scaling out into the cloud but our customers' data must be held within the legal borders of England for data protection reasons. We're not even allowed to use LogMeIn to connect to customer's sites for support reasons - because that connectivity would go through America.

Provide facilities to launch a cloud in London and beat Rackspace to it!


Congratulation on this achievement!

Do you plan to publish the Information Security Policy, the scope including sites and the statement of applicability (SOA) ?

Jeff Barr

> Do you plan to publish the Information Security Policy, the scope including sites and the statement of applicability (SOA) ?

We do plan to publish additional information on our ISO 27001 certification.

Ted Ritter

Congratulations on 27001. Will you provide info on ISO 27002? What 27002 controls did you evaluate as part of of the ISMS? Thanks.

Jeff Barr

Ted, here's what our team has to say:

"We don’t disclose every control we have in place, but of course we did consider all relevant guidance documented in 27002 as applicable to our scope covering AWS infrastructure, data centers, and services including EC2, S3, and VPC. As part of the certification process our auditors validated that we addressed all aspects of the 27002 guidance appropriate for our systems and services."


Which specific Amazon's global locations (countries) is this ISO27001 certified for?

The comments to this entry are closed.

Featured Events

The AWS Report

Brought to You By

Jeff Barr (@jeffbarr):

Jinesh Varia (@jinman):

Email Subscription

Enter your email address:

Delivered by FeedBurner

April 2014

Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30