Life Sciences

Navigating GDPR Compliance on AWS

Issue link: https://read.uberflip.com/i/1191854


Contents

Abstract
General Data Protection Regulation Overview
Changes the GDPR Introduces to Organizations Operating in the EU
AWS Preparation for the GDPR
AWS Data Processing Addendum (DPA)
The Role of AWS Under the GDPR
Shared Security Responsibility Model
Strong Compliance Framework and Security Standards
AWS Compliance Program
Cloud Computing Compliance Controls Catalog
The CISPE Code of Conduct
Data Access Controls
AWS Identity and Access Management
Temporary Access Tokens Through AWS STS
Multi-Factor-Authentication
Access to AWS Objects Resources
Access to Operational & Configuration Data
Geo-Restrictions
Control Access to Web Applications and Mobile Apps
Monitoring and Logging
Manage and Configure Assets with AWS Config
Compliance Auditing & Security Analytics with AWS CloudTrail
Log Formats
Centralized Security Management
Protecting your Data on AWS
Encrypt Data at Rest
