12/11/2023 0 Comments Aws cis benchmark toolTo support your implementation of shared responsibilities, AWS created the Landing Zone Accelerator on AWS solution (powered by AWS CloudFormation). How can AWS help me achieve alignment with NIST frameworks?ĪWS FedRAMP-compliant systems have been granted authorizations, have addressed the FedRAMP security controls (NIST SP 800-53), use the required FedRAMP templates for the security packages posted in the secure FedRAMP Repository, have been assessed by an accredited independent third-party assessment organization (3PAO) and maintain the continuous monitoring requirements of FedRAMP.Īccording to the AWS Shared Responsibility Model, AWS manages security of the cloud and you are responsible for your security in the cloud.The portion of shared controls that you are responsible for, and controls related to applications you implement on top of the AWS infrastructure, must be separately assessed and authorized by you, in agreement with NIST 800-37 and your specific security authorization policies and procedures. A FedRAMP accredited third-party assessment organization (3PAO) has assessed and authorized AWS implementation of our control responsibility. AWS is solely responsible for configuring and managing security of the cloud.įor security authorization purposes, compliance with the FedRAMP requirements (based on NIST 800-53 rev 4 Low/Moderate/High control baseline) is contingent upon AWS fully implementing AWS-Only and Shared controls, and you implementing Customer-Only and Shared controls. Applications built on top of the AWS system inherit the features and configurable options that AWS provides. AWS-Only Responsibility: AWS manages the cloud infrastructure, including the network, data storage, system resources, data centers, physical security, reliability, and supporting hardware and software.More specifically, you are solely responsible for configuring and managing your security in the cloud.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |