AWS whitepapers documentation change
Summary
Updated navigation links, removed historical reference note, corrected GDPR Article 32 quote formatting, and added detailed content about AWS encryption services (KMS, CloudHSM, Encryption SDK) for data protection and compliance.
Security assessment
The changes primarily enhance documentation about GDPR compliance and AWS security features. The added content explains how AWS services help protect sensitive data through encryption at rest/in transit and key management, which is security documentation. There is no evidence of addressing a specific security vulnerability or incident; rather, it's general security feature documentation and formatting improvements.
Diff
diff --git a/whitepapers/latest/navigating-gdpr-compliance/protecting-your-data-on-aws.md b/whitepapers/latest/navigating-gdpr-compliance/protecting-your-data-on-aws.md index 43f91d86f..b461e054b 100644 --- a//whitepapers/latest/navigating-gdpr-compliance/protecting-your-data-on-aws.md +++ b//whitepapers/latest/navigating-gdpr-compliance/protecting-your-data-on-aws.md @@ -1 +1 @@ -[](/pdfs/whitepapers/latest/navigating-gdpr-compliance/navigating-gdpr-compliance.pdf#protecting-your-data-on-aws "Open PDF") +[View a markdown version of this page](protecting-your-data-on-aws.md) @@ -3 +3 @@ -[Documentation](/index.html)[AWS Whitepapers](https://aws.amazon.com/whitepapers/)[AWS Whitepaper](welcome.html) +[](/pdfs/whitepapers/latest/navigating-gdpr-compliance/navigating-gdpr-compliance.pdf#protecting-your-data-on-aws "Open PDF") @@ -5 +5 @@ -This whitepaper is for historical reference only. Some content might be outdated and some links might not be available. +[Documentation](/index.html)[AWS Whitepapers](https://aws.amazon.com/whitepapers/)[AWS Whitepaper](navigating-gdpr-compliance-on-aws.html) @@ -9 +9 @@ This whitepaper is for historical reference only. Some content might be outdated -Article 32 of the GDPR requires that organizations must “…implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including …the pseudonymisation and encryption of personal data[...]”. In addition, organizations must safeguard against the unauthorized disclosure of or access to personal data.” +Article 32 of the GDPR requires that organizations must “[…] implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including […] the pseudonymization and encryption of personal data [...]”. In addition, organizations must safeguard against the unauthorized disclosure of, or access to personal data. @@ -12,0 +13,4 @@ Encryption reduces the risks associated with the storage of personal data becaus +AWS and AWS Marketplace partners offer a variety of solutions for protecting sensitive data within the AWS platform, but for applications and data subject to rigorous contractual or regulatory requirements for managing cryptographic keys, additional protection is sometimes necessary. Previously, the only option to store sensitive data (or the encryption keys protecting the sensitive data) may have been in on-premises datacenters. This might have prevented you from migrating these applications to the cloud, or significantly slowed their performance. + +AWS supports encryption at rest and in transit, provides key management options through [AWS KMS](https://aws.amazon.com/kms/) and [AWS CloudHSM](https://aws.amazon.com/cloudhsm/), and enables client-side encryption through libraries like the [AWS Encryption SDK](https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/introduction.html). These services help customers comply with data protection regulations and align with industry security standards. + @@ -19 +23 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -Centralized Security Management +Using AWS Services to Strengthen Compliance and Governance