AWS says its entire cloud is GDPR-ready

Clare Hopping

28 Mar, 2018

Amazon Web Services (AWS) has officially announced that all of its products and services are fully GDPR-compliant, meaning any businesses looking to beef up their policies for the incoming law change are covered if they use the platform.

The company said it drafted in “security and compliance experts” to audit its inner workings as a data processor, who approved it as fully compliant. 

AWS explained the aspects that ensure it’s compliant with GDPR include the encryption of personal data, assurance that any data processed on its platform offers ongoing confidentiality, integrity, availability, and resilience and that data can be restored quickly should a physical or technical incident occur. It also said it regularly tests, assesses and evaluates its operation to ensure it complies with security.

“This announcement confirms we have completed the entirety of our GDPR service readiness audit, validating that all generally available services and features adhere to the high privacy bar and data protection standards required of data processors by the GDPR,” said VP of AWS security assurance, Chad Woolf in a blog post.

“We completed this work two months ahead of the May 25, 2018 enforcement deadline in order to give customers and APN partners an environment in which they can confidently build their own GDPR-compliant products, services, and solutions.”

Wolf said AWS is also prepped to train staff around compliance issues via a range of workshops and summits, led by its Professional Services team. The workshops are tailored to each business’s particular needs and these will be supported by presentations during the company’s European, San Francisco and Tokyo summits.

AWS will also make its compliance, data protection and security teams available to businesses via their AWS Account Manager, so if they need any further clarification AWS’s staff will be on hand to help.

Wolf also pointed to four existing services, Amazon Guard Duty, Amazon Macie, Amazon Inspector and Amazon Config Rules, that could help customers ensure their own GDPR compliance as well.

“AWS’s GDPR service readiness is only part of the story; we are continuing to work alongside our customers and the AWS Partner Network (APN) to help on their journey toward GDPR compliance,” he concluded.

Main image credit: Shutterstock