Issue link: https://read.uberflip.com/i/1182528
Amazon Web Services – Architecting for Genomic Data Security and Compliance in AWS December 2014 Page 4 of 17 AWS Approach to Shared Security Responsibilities AWS delivers a robust web services platform with features that enable research teams around the world to create and control their own private area in the AWS cloud so they can quickly build, install, and use their data analysis applications and data stores without having to purchase or maintain the necessary hardware and facilities. As a researcher, you can create your private AWS environment yourself using a self-service signup process that establishes a unique AWS account ID, creates a root user account and account ID, and provides you with access to the AWS Management Console and Application Programming Interfaces (APIs), allowing control and management of the private AWS environment. Because AWS does not access or manage your private AWS environment or the data in it, you retain responsibility and accountability for the configuration and security controls you implement in your AWS account. This customer accountability for your private AWS environment is fundamental to understanding the respective roles of AWS and our customers in the context of data protections and security practices for human genomic data. Figure 1 depicts the AWS Shared Responsibility Model. Figure 1 - Shared Responsibility Model In order to deliver and maintain the features available within every customer's private AWS environment, AWS works vigorously to enhance the security features of the platform and ensure that the feature delivery operations are secure and of high quality. AWS defines quality and security as confidentiality, integrity, and availability of our services, and AWS seeks to provide researchers with visibility and assurance of our quality and security practices in four important ways.