Life Sciences

Navigating GDPR Compliance on AWS

Issue link:

Contents of this Issue


Page 7 of 31

Amazon Web Services Navigating GDPR Compliance on AWS 3 • The ability to restore the availability and access to personal data in a timely manner, in the event of a physical or technical incident. • A process to regularly test, assess, and evaluate the effectiveness of technical and organizational measures to ensure the security of the processing. Shared Security Responsibility Model Security and Compliance is a shared responsibility between AWS and the customer. When customers move their computer systems and data to the cloud, security responsibilities are shared between the customer and the cloud service provider. When customers move to the AWS Cloud, AWS is responsible for securing the underlying infrastructure that supports the cloud, and customers are responsible for anything they put in the cloud or connect to the cloud. This differentiation of responsibility is commonly referred to as security of the cloud versus security in the cloud. This shared model can help reduce customers' operational burden, and provide them with the necessary flexibility and control to deploy their infrastructure in the AWS Cloud. AWS operates, manages, and controls the infrastructure components, from the host operating system and virtualization layer, to the physical security of the facilities in which the service operates. Customers assume responsibility and management of the guest operating system (including updates and security patches), other associated application software, and the configuration of the security group firewall provided by AWS. For more information, see AWS Shared Responsibility Model.

Articles in this issue

Links on this page

view archives of Life Sciences - Navigating GDPR Compliance on AWS