Security and Compliance
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. It provides Shaip with an extremely scalable, highly reliable platform that enables customers to deploy applications and data quickly and securely.
AWS’s world-class, highly secure data centers utilize state-of-the art electronic surveillance and multi-factor access control systems. Data centers are staffed 24/7/365 by trained security guards, and access is authorized strictly on a least privileged basis.
Environmental systems are designed to minimize the impact of disruptions to operations. And multiple geographic regions and Availability Zones allow Shaip to remain resilient in the face of most failure modes, including natural disasters or system failures.
The AWS virtual infrastructure has been designed to provide optimum availability while ensuring complete customer privacy and segregation. For a complete list of all the security measures built into the core AWS cloud infrastructure, platforms, and services, please read: Overview of Security Processes.
AWS Compliance enables Shaip to leverage the robust controls in place at AWS to maintain security and data protection. As we build systems on top of the AWS cloud infrastructure, the compliance responsibilities will be shared. The information provided by AWS Compliance will help you to understand AWS compliance posture and to assess Shaip’s compliance with your industry and/or government requirements.
The IT infrastructure that AWS provides for Shaip is designed and managed in alignment with best security practices and a variety of IT security standards.
In addition, the flexibility and control that the AWS platform provides allow customers to deploy solutions that meet several industry-specific standards.
Best Security Practices and IT Security Standards:
- SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70 Type II)
- SOC 2 and SOC 3
- FISMA, DIACAP, and FedRAMP
- PCI DSS Level 1
- ISO 27001/9001
- ITAR and FIPS 140-2
Industry-specific Security Standards:
- Cloud Security Alliance (CSA)
- Motion Picture Association of America (MPAA)