AWS Artifact is a portal that offers enterprises the full access to security as well as compliance reports which will be implemented to the Amazon Web Services public cloud.
On accessing the AWS Artifact, any user will be able to download reports and all other such internal documents which will also ensure and serve as a proof to the auditors that all such AWS offerings the person is using are meeting all the security and compliance standards. Such reports also act as a guide to other team members including all developers, ensuring them that all necessary standards are being followed.
Classification of AWS Artifacts:
A few examples of some reports include the ones which relate to the International Organization for Standardization (ISO), Payment Card Industry Data Security Standard (PCI-DSS) and the Service Organization Control (SOC).
All such reports are classified by AWS as artifacts and are further grouped into two categories, namely public and confidential. Public artifacts are accessible for all of the AWS accounts whereas confidential artifacts mainly require the approval of Amazon and may also require the customer to first sign a non-disclosure agreement before receiving the report.
The admin can also decide whether to restrict or distribute the access of the artifact with the help of AWS Identity and Access Management permissions.
Shared Responsibility Model:
For the shared responsibility model, the first AWS requirement is to secure compliance with the documents in the cloud. But, if the user decides to download an agreement directly, the prime responsibility is to secure the downloaded document. Every artifact that is downloaded will come with its own unique and traceable watermark.
The AWS artifact will also include a detailed description of all the reports also providing an applicable data range, appropriate geographical regions, and cloud services.
AWS Artifact Agreements:
The AWS portal also comes with another unique feature known as AWS Artifact Agreements. With this, the user will be allowed to view, accept and monitor the ongoing status of a Business Associate Addendum (BAA) agreement. The main requirement that AWS requires is for companies to adhere to the BBA agreement if it is in relation to the Health Insurance Portability and Accountability Act or it deals with any health-related information.
No comments:
Post a Comment