Tag Archives: Europe

AWS Weekly Roundup: Amazon S3 Access Grants, AWS Lambda, European Sovereign Cloud Region, and more (July 8, 2024).

Post Syndicated from Sébastien Stormacq original https://aws.amazon.com/blogs/aws/aws-weekly-roundup-amazon-s3-access-grants-aws-lambda-european-sovereign-cloud-region-and-more-july-8-2024/

I counted only 21 AWS news since last Monday, most of them being Regional expansions of existing services and capabilities. I hope you enjoyed a relatively quiet week, because this one will be busier.

This week, we’re welcoming our customers and partners at the Jacob Javits Convention Center for the AWS Summit New York on Wednesday, July 10. I can tell you there is a stream of announcements coming, if I judge by the number of AWS News Blog posts ready to be published.

I am writing these lines just before packing my bag to attend the AWS Community Day in Douala, Cameroon next Saturday. I can’t wait to meet our customers and partners, students, and the whole AWS community there.

But for now, let’s look at last week’s new announcements.

Last week’s launches
Here are the launches that got my attention.

Amazon Simple Storage Service (Amazon S3) Access Grants now integrate with Amazon SageMaker and open souce Python frameworksAmazon S3 Access Grants maps identities in directories such as Active Directory or AWS Identity and Access Management (IAM) principals, to datasets in S3. The integration with Amazon SageMaker Studio for machine learning (ML) helps you map identities to your machine learning (ML) datasets in S3. The integration with the AWS SDK for Python (Boto3) plugin replaces any custom code required to manage data permissions, so you can use S3 Access Grants in open source Python frameworks such as Django, TensorFlow, NumPy, Pandas, and more.

AWS Lambda introduces new controls to make it easier to search, filter, and aggregate Lambda function logsYou can now capture your Lambda logs in JSON structured format without bringing your own logging libraries. You can also control the log level (for example, ERROR, DEBUG, or INFO) of your Lambda logs without making any code changes. Lastly, you can choose the Amazon CloudWatch log group to which Lambda sends your logs.

Amazon DataZone introduces fine-grained access controlAmazon DataZone has introduced fine-grained access control, providing data owners granular control over their data at row and column levels. You use Amazon DataZone to catalog, discover, analyze, share, and govern data at scale across organizational boundaries with governance and access controls. Data owners can now restrict access to specific records of data instead of granting access to an entire dataset.

AWS Direct Connect proposes native 400 Gbps dedicated connections at select locationsAWS Direct Connect provides private, high-bandwidth connectivity between AWS and your data center, office, or colocation facility. Native 400 Gbps connections provide higher bandwidth without the operational overhead of managing multiple 100 Gbps connections in a link aggregation group. The increased capacity delivered by 400 Gbps connections is particularly beneficial to applications that transfer large-scale datasets, such as for ML and large language model (LLM) training or advanced driver assistance systems for autonomous vehicles.

For a full list of AWS announcements, be sure to keep an eye on the What’s New at AWS page.

Other AWS news
Here are some additional news items that you might find interesting:

The list of services available at launch in the upcoming AWS Europe Sovereign Cloud Region is available – we shared the list of AWS services that will be initially available at launch in the new AWS European Sovereign Cloud Region. The list has no surprises. Services for security, networking, storage, computing, containers, artificial intelligence (AI), and serverless will be available at launch. We are building the AWS European Sovereign Cloud to offer public sector organizations and customers in highly regulated industries further choice to help them meet their unique digital sovereignty requirements, as well as stringent data residency, operational autonomy, and resiliency requirements. This is an investment of 7.8 billion euros (approximately $8.46 billion). The new Region will be available by the end of 2025.

Upcoming AWS events
Check your calendars and sign up for upcoming AWS events:

AWS Summits – Join free online and in-person events that bring the cloud computing community together to connect, collaborate, and learn about AWS. To learn more about future AWS Summit events, visit the AWS Summit page. Register in your nearest city: New York (July 10), Bogotá (July 18), and Taipei (July 23–24).

AWS Community Days – Join community-led conferences that feature technical discussions, workshops, and hands-on labs led by expert AWS users and industry leaders from around the world. Upcoming AWS Community Days are in Cameroon (July 13), Aotearoa (August 15), and Nigeria (August 24).

Browse all upcoming AWS led in-person and virtual events and developer-focused events.

That’s all for this week. Check back next Monday for another Weekly Roundup!

— seb

This post is part of our Weekly Roundup series. Check back each week for a quick roundup of interesting news and announcements from AWS!

Announcing initial services available in the AWS European Sovereign Cloud, backed by the full power of AWS

Post Syndicated from Max Peterson original https://aws.amazon.com/blogs/security/announcing-initial-services-available-in-the-aws-european-sovereign-cloud-backed-by-the-full-power-of-aws/

English | French | German | Italian | Spanish

Last month, we shared that we are investing €7.8 billion in the AWS European Sovereign Cloud, a new independent cloud for Europe, which is set to launch by the end of 2025. We are building the AWS European Sovereign Cloud designed to offer public sector organizations and customers in highly regulated industries further choice to help them meet their unique digital sovereignty requirements, as well as stringent data residency, operational autonomy, and resiliency requirements. Customers and partners using the AWS European Sovereign Cloud will benefit from the full capacity of AWS including the same familiar architecture, service portfolio, APIs, and security features available in our 33 existing AWS Regions. Today, we are thrilled to reveal an initial roadmap of services that will be available in the AWS European Sovereign Cloud. This announcement highlights the breadth and depth of the AWS European Sovereign Cloud service portfolio, designed to meet customer and partner demand while delivering on our commitment to offer the most advanced set of sovereignty controls and features available in the cloud.

The AWS European Sovereign Cloud is architected to be sovereign-by-design, just as the AWS Cloud has been since day one. We have designed a secure and highly available global infrastructure, built safeguards into our service design and deployment mechanisms, and instilled resilience into our operational culture. Our customers benefit from a cloud built to help them satisfy the requirements of the most security-sensitive organizations. Each Region is comprised of multiple Availability Zones and each Availability Zone is made up of one or more discrete data centers, each with redundant power, connectivity, and networking. The first Region of the AWS European Sovereign Cloud will be located in the State of Brandenburg, Germany, with infrastructure wholly located within the European Union (EU). Like our existing Regions, the AWS European Sovereign Cloud will be powered by the AWS Nitro System. The Nitro System powers all our modern Amazon Elastic Compute Cloud (Amazon EC2) instances and provides a strong physical and logical security boundary to enforce access restrictions so that nobody, including AWS employees, can access customer data running in Amazon EC2.

Service roadmap for the AWS European Sovereign Cloud

When launching a new Region, we start with the core services needed to support critical workloads and applications and then continue to expand our service catalog based on customer and partner demand. The AWS European Sovereign Cloud will initially feature services from a range of categories, including for artificial intelligenceAmazon SageMaker, Amazon Q, and Amazon Bedrock, computeAmazon EC2 and AWS Lambda, containersAmazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Container Service (Amazon ECS), databaseAmazon Aurora, Amazon DynamoDB, and Amazon Relational Database Service (Amazon RDS), networkingAmazon Virtual Private Cloud (Amazon VPC), securityAWS Key Management Service (AWS KMS) and AWS Private Certificate Authority, and storageAmazon Simple Storage Service (Amazon S3) and Amazon Elastic Block Store (Amazon EBS). The AWS European Sovereign Cloud will feature its own dedicated identity and access management (IAM), billing, and usage metering systems that are operated independently from existing Regions. These systems will allow customers using the AWS European Sovereign Cloud to keep all customer data, as well as all the metadata they create (such as the roles, permissions, resource labels, and configurations they use to run AWS) in the EU. Customers using the AWS European Sovereign Cloud will also be able to take advantage of the AWS Marketplace, a curated digital catalog that makes it convenient to find, test, buy, and deploy third-party software. To help customers and partners plan their deployments to the AWS European Sovereign Cloud, we’ve published the roadmap of initial services at the end of this blogpost.

Start building for sovereignty today on AWS

AWS is committed to offering our customers the most advanced set of sovereignty controls and features available in the cloud. We have a wide range of offerings to help you meet your unique digital sovereignty requirements, including our eight existing Regions in Europe, AWS Dedicated Local Zones, and AWS Outposts. The AWS European Sovereign Cloud is an additional option to choose from. You can start building in our existing sovereign-by-design Regions and, if needed, migrate to the AWS European Sovereign Cloud. If you have stringent isolation and in-country data residency requirements, you will also be able to use Dedicated Local Zones or Outposts to deploy AWS European Sovereign Cloud infrastructure in locations you select.

Today, you can conduct proof-of-concept exercises and gain hands-on experience that will help you hit the ground running when the AWS European Sovereign Cloud launches in 2025. For example, you can use AWS CloudFormation to create and provision AWS infrastructure deployments predictably and repeatedly in an existing Region to prepare for the AWS European Sovereign Cloud. Using AWS CloudFormation, you can leverage services like Amazon EC2, Amazon Simple Notification Service (Amazon SNS), and Elastic Load Balancing to build highly reliable, highly scalable, cost-effective applications in the cloud in a repeatable, auditable, and automatable manner. You can use Amazon SageMaker to build, train, and deploy your machine learning models (including large language and other foundation models). You can use Amazon S3 to benefit from automatic encryption on all object uploads. If you have a regulatory need to store and use your encryption keys on premises or outside AWS, you can use the AWS KMS External Key Store.

Whether you’re migrating to the cloud for the first time, considering the AWS European Sovereign Cloud, or modernizing your applications to take advantage of cloud services, you can benefit from our experience helping organizations of all sizes move to and thrive in the cloud. We provide a wide range of resources to adopt the cloud effectively and accelerate your cloud migration and modernization journey, including the AWS Cloud Adoption Framework and AWS Migration Acceleration Program. Our global AWS Training and Certification helps learners and organizations build in-demand cloud skills and validate expertise with free and low-cost training and industry-recognized AWS Certification credentials, including more than 100 training resources for AI and machine learning (ML).

Customers and partners welcome the AWS European Sovereign Cloud service roadmap

Adobe is the world leader in creating, managing, and optimizing digital experiences. For over twelve years, Adobe Experience Manager (AEM) Managed Services has leveraged the AWS Cloud to support Adobe customers’ use of AEM Managed Services. “Over the years, AEM Managed Services has focused on the four pillars of security, privacy, regulation, and governance to ensure Adobe customers have best-in-class digital experience management tools at their disposal,” Mitch Nelson, Senior Director, Worldwide Managed Services at Adobe. “We are excited about the launch of the AWS European Sovereign Cloud and the opportunity it presents to align with Adobe’s Single Sovereign Architecture for AEM offering. We look forward to being among the first to provide the AWS European Sovereign Cloud to Adobe customers.”

adesso SE is a leading IT services provider in Germany with a focus on helping customers optimize core business processes with modern IT. adesso SE and AWS have been working together to help organizations drive digital transformations, quickly and efficiently, with tailored solutions. “With the European Sovereign Cloud, AWS is providing another option that can help customers navigate the complexity around changing rules and regulations. Organizations across the public sector and regulated industries are already using the AWS Cloud to help meet their digital sovereignty requirements, and the AWS European Sovereign Cloud will unlock additional opportunities,” said Markus Ostertag, Chief AWS Technologist, adesso SE. “As one of Germany’s largest IT service providers, we see the benefits that the European Sovereign Cloud service portfolio will provide to help customers innovate while getting the reliability, resiliency, and availability they need. AWS and adesso SE share a mutual commitment to meeting the unique needs of our customers, and we look forward to continuing to help organizations across the EU drive advancements.”

Genesys, a global leader in AI-powered experience orchestration, empowers more than 8,000 organizations in over 100 countries to deliver personalized, end-to-end experience at scale. With Genesys Cloud running on AWS, the companies have a longstanding collaboration to deliver scalable, secure, and innovative services to joint global clientele. “Genesys is at the forefront of helping businesses use AI to build loyalty with customers and drive productivity and engagement with employees,” said Glenn Nethercutt, Chief Technology Officer at Genesys. “Delivery of the Genesys Cloud platform on the AWS European Sovereign Cloud will enable even more organizations across Europe to experiment, build, and deploy cutting-edge customer experience applications while adhering to stringent data sovereignty and regulatory requirements. Europe is a key player in the global economy and a champion of data protection standards, and upon its launch, the AWS European Sovereign Cloud will offer a comprehensive suite of services to help businesses meet both data privacy and regulatory requirements. This partnership reinforces our continued investment in the region and Genesys and AWS remain committed to working together to help address the unique challenges faced by European businesses, especially those in highly regulated industries such as finance and healthcare.”

Pega provides a powerful platform that empowers global clients to use AI-powered decisioning and workflow automation solutions to solve their most pressing business challenges – from personalizing engagement to automating service to streamlining operations. Pega’s strategic work with AWS has allowed Pega to transform its as-a-Service business to become a highly scalable, reliable, and agile way for our clients to experience Pega’s platform across the globe. “The collaboration between AWS and Pega will deepen our commitment to our European Union clients to storing and processing their data within region,” said Frank Guerrera, chief technical systems officer at Pegasystems. “Our combined solution, taking advantage of the AWS European Sovereign Cloud, will allow Pega to provide sovereignty assurances at all layers of the service, from Pega’s platform and supporting technologies all the way to the enabling infrastructure. This solution combines Pega Cloud’s already stringent approach to data isolation, people, and process with the new and innovative AWS European Sovereign Cloud to deliver flexibility for our public sector and highly regulated industry clients.”

SVA System Vertrieb Alexander GmbH is one of the leading founder-owned system integrators in Germany with more than 3,200 talented employees at 27 offices across the country that are delivering best-in-class solutions to more than 3,000 customers. The 10-year collaboration between SVA and AWS has helped support customers across all industries and verticals to migrate and modernize workloads from on-premises to AWS or build new solutions from scratch. “The AWS European Sovereign Cloud is addressing specific needs for highly regulated customers, can lower the barriers and unlock huge digitalization potential for these verticals,” said Patrick Glawe, AWS Alliance Lead at SVA System Vertrieb Alexander GmbH. “Given our broad coverage across the public sector and regulated industries, we listen carefully to the discussions regarding cloud adoption and will soon be offering an option to design a highly innovative ecosystem that meets the highest standards of data protection, regulatory compliance, and digital sovereignty requirements. This will have a major impact on the European Union’s digitalization agenda.”

We remain committed to giving our customers more control and more choice to take advantage of the innovation the cloud can offer while helping them meet their unique digital sovereignty needs, without compromising on the full power of AWS. Learn more about the AWS European Sovereign Cloud on our European Digital Sovereignty website and stay tuned for more updates as we continue to drive toward the 2025 launch.

Initial planned services for the AWS European Sovereign Cloud

Analytics

  • Amazon Athena
  • Amazon Data Firehose
  • Amazon EMR
  • Amazon Kinesis Data Streams
  • Amazon Managed Service for Apache Flink
  • Amazon Managed Streaming for Apache Kafka (Amazon MSK)
  • Amazon OpenSearch Service
  • AWS Glue
  • AWS Lake Formation

Application Integration

  • Amazon EventBridge
  • Amazon Simple Notification Service (Amazon SNS)
  • Amazon Simple Queue Service (Amazon SQS)
  • Amazon Simple Workflow Service (Amazon SWF)
  • AWS Step Functions

Artificial Intelligence / Machine Learning

  • Amazon Bedrock
  • Amazon Q
  • Amazon SageMaker

AWS Marketplace

AWS Support

Business Applications

  • Amazon Simple Email Service (Amazon SES)

Cloud Financial Management

  • AWS Budgets
  • AWS Cost Explorer

Compute

  • Amazon EC2 Auto Scaling
  • Amazon Elastic Compute Cloud (Amazon EC2)
  • AWS Batch
  • AWS Lambda
  • EC2 Image Builder

Containers

  • Amazon Elastic Container Registry (Amazon ECR)
  • Amazon Elastic Container Service (Amazon ECS)
  • Amazon Elastic Kubernetes Service (Amazon EKS)
  • AWS Fargate

Database

  • Amazon Aurora
  • Amazon DynamoDB
  • Amazon ElastiCache
  • Amazon Redshift
  • Amazon Relational Database Service (Amazon RDS)
  • Amazon RDS for Oracle
  • Amazon RDS for SQL Server

Developer Tools

  • AWS CodeDeploy
  • AWS X-Ray
Management & Governance

  • Amazon CloudWatch
  • AWS CloudFormation
  • AWS CloudTrail
  • AWS Config
  • AWS Control Tower
  • AWS Health Dashboard
  • AWS License Manager
  • AWS Management Console
  • AWS Organizations
  • AWS Systems Manager
  • AWS Trusted Advisor

Migration & Modernization

  • AWS Database Migration Service (AWS DMS)
  • AWS DataSync
  • AWS Transfer Family

Networking & Content Delivery

  • Amazon API Gateway
  • Amazon Route 53
  • Amazon Virtual Private Cloud (Amazon VPC)
  • AWS Cloud Map
  • AWS Direct Connect
  • AWS Site-to-Site VPN
  • AWS Transit Gateway
  • Elastic Load Balancing (ELB)

Security, Identity, & Compliance

  • Amazon Cognito
  • Amazon GuardDuty
  • AWS Certificate Manager (ACM)
  • AWS Directory Service
  • AWS Firewall Manager
  • AWS IAM Identity Center
  • AWS Identity and Access Management (IAM)
  • AWS Key Management Service (AWS KMS)
  • AWS Private Certificate Authority
  • AWS Resource Access Manager (AWS RAM)
  • AWS Secrets Manager
  • AWS Security Hub
  • AWS Shield Advanced
  • AWS WAF
  • IAM Access Analyzer

Storage

  • Amazon Elastic Block Store (Amazon EBS)
  • Amazon Elastic File System (Amazon EFS)
  • Amazon FSx for Lustre
  • Amazon FSx for NetApp ONTAP
  • Amazon FSx for OpenZFS
  • Amazon FSx for Windows File Server
  • Amazon Simple Storage Service (Amazon S3)
  • AWS Backup
  • AWS Storage Gateway

Contact your AWS Account Manager to discuss your AWS Services requirements further.

If you have feedback about this post, submit comments in the Comments section below. If you have questions about this post, contact AWS Support.
 


French version

Annonce des premiers services disponibles dans l’AWS European Sovereign Cloud, basés sur toute la puissance d’AWS

Le mois dernier, nous avons annoncé un investissement de 7,8 milliards d’euros dans l’AWS European Sovereign Cloud, un nouveau cloud indépendant pour l’Europe qui sera lancé d’ici fin 2025. L’AWS European Sovereign Cloud vise à offrir aux organisations du secteur public et aux clients des industries hautement réglementées une nouvelle option pour répondre à leurs exigences spécifiques en matière de souveraineté numérique, de localisation des données, d’autonomie opérationnelle et de résilience. Les clients et partenaires utilisant l’AWS European Sovereign Cloud bénéficieront de toute la puissance d’AWS, mais également de la même architecture à laquelle ils sont habitués, du même portefeuille étendu de services, des mêmes API et des mêmes fonctionnalités de sécurité que dans les 33 Régions AWS déjà en service. Aujourd’hui, nous sommes ravis de dévoiler une première feuille de route des services qui seront disponibles dans l’AWS European Sovereign Cloud. Cette annonce offre un aperçu de la richesse et de la diversité des services de l’AWS European Sovereign Cloud, conçu pour répondre aux besoins de nos clients et partenaires, tout en respectant notre engagement à offrir l’ensemble le plus avancé d’outils et de fonctionnalités de contrôle disponibles dans le cloud au service de la souveraineté.

L’AWS European Sovereign Cloud a été pensé pour être souverain dès sa conception, tout comme l’AWS Cloud depuis l’origine. Nous avons mis en place une infrastructure mondiale sécurisée à haut niveau de disponibilité, intégré des systèmes de protection pour la conception et le déploiement de nos services et développé une culture opérationnelle de la résilience. Nos clients bénéficient ainsi d’un cloud conçu pour les aider à répondre aux exigences de sécurité les plus strictes. Chaque Région est composée de plusieurs zones de disponibilité comprenant chacune un ou plusieurs centres de données distincts avec une alimentation, une connectivité et un réseau redondants. La première Région de l’AWS European Sovereign Cloud sera située dans le land de Brandebourg, en Allemagne, avec une infrastructure entièrement localisée au sein de l’Union Européenne (UE). Comme dans nos Régions existantes, l’AWS European Sovereign Cloud s’appuiera sur AWS Nitro System. Ce système, à la base de nos instances Amazon Elastic Compute Cloud (Amazon EC2) implémente une séparation physique et logique robuste, afin que personne, y compris au sein d’AWS, ne puisse accéder aux données des clients traitées dans Amazon EC2.

Feuille de route des services pour l’AWS European Sovereign Cloud

Lors du lancement d’une nouvelle Région, nous commençons par mettre en place les services de base nécessaires à la gestion des applications critiques, avant d’étendre notre catalogue de services en fonction des demandes de nos clients et partenaires. L’AWS European Sovereign Cloud proposera initialement des services de différentes catégories, notamment pour l’intelligence artificielle avec Amazon SageMaker, Amazon Q et Amazon Bedrock, pour le calcul avec Amazon EC2 et AWS Lambda, pour les conteneurs avec Amazon Elastic Kubernetes Service (Amazon EKS) et Amazon Elastic Container Service (Amazon ECS), pour les bases de données avec Amazon Aurora, Amazon DynamoDB et Amazon Relational Database Service (Amazon RDS), pour la mise en réseau avec Amazon Virtual Private Cloud (Amazon VPC), pour la sécurité avec AWS Key Management Service (AWS KMS) et AWS Private Certificate Authority et pour le stockage avec Amazon Simple Storage Service (Amazon S3) et Amazon Elastic Block Store (Amazon EBS). L’AWS European Sovereign Cloud disposera de ses propres systèmes dédiés de gestion des identités et des accès (IAM), de facturation et de mesure de l’utilisation, fonctionnant de manière indépendante des Régions existantes. Ces systèmes permettront aux clients utilisant l’AWS European Sovereign Cloud de conserver toutes leurs données ainsi que toutes les métadonnées qu’ils créent (comme les rôles, les permissions, les étiquettes de ressources et les configurations utilisées pour exécuter les services) dans l’Union européenne. Les clients d’AWS European Sovereign Cloud pourront également profiter de l’AWS Marketplace, un catalogue numérique organisé qui facilite la recherche, le test, l’achat et le déploiement de logiciels tiers. Afin d’aider les clients et les partenaires à préparer leurs déploiements sur l’AWS European Sovereign Cloud, nous publions la feuille de route des services initiaux à la fin de cet article.

Commencez dès aujourd’hui à développer vos solutions souveraines sur AWS

AWS s’engage à proposer l’ensemble le plus avancé d’outils et de fonctionnalités de contrôle disponibles dans le cloud au service de la souveraineté. Nous disposons d’une large gamme de solutions pour vous aider à répondre à vos exigences uniques en matière de souveraineté numérique, y compris nos huit Régions existantes en Europe, les AWS Dedicated Local Zones et les AWS Outposts. L’AWS European Sovereign Cloud constitue une option supplémentaire. Vous pouvez commencer à développer vos projets dans nos Régions existantes, toutes souveraines dès leur conception, et migrer si nécessaire vers l’AWS European Sovereign Cloud. En cas d’exigences strictes pour l’isolation et la localisation des données dans un pays, vous pourrez également utiliser les Dedicated Local Zones ou les Outposts pour déployer l’infrastructure de l’AWS European Sovereign Cloud là où vous le désirez.

Dès aujourd’hui, vous pouvez construire des démonstrateurs (PoC) et acquérir une expérience pratique qui vous permettra d’être opérationnel dès le lancement de l’AWS European Sovereign Cloud en 2025. Vous pouvez par exemple utiliser AWS CloudFormation pour créer et déployer de manière prévisible et répétée des déploiements d’infrastructure AWS dans une Région existante afin de vous préparer à l’AWS European Sovereign Cloud. Avec AWS CloudFormation, vous pouvez exploiter des services comme Amazon EC2, Amazon Simple Notification Service (Amazon SNS) et Elastic Load Balancing afin de développer des applications cloud hautement fiables et hautement évolutives de manière reproductible, auditable et automatisable. Amazon SageMaker vous permet de créer, d’entraîner et de déployer tous vos modèles d’apprentissage automatique, y compris des grands modèles de langage (LLM). Et avec Amazon S3, vous pouvez bénéficier du chiffrement automatique pour tous les objets importés. Enfin, si vous devez stocker et utiliser vos clés de chiffrement sur site ou en dehors d’AWS en raison de certaines réglementations, vous pouvez utiliser AWS KMS External Key Store.

Que vous vous apprêtiez à migrer vers le cloud pour la première fois, que vous envisagiez de passer à l’AWS European Sovereign Cloud ou que vous ayez pour projet de moderniser vos applications pour profiter des services cloud, notre expérience peut vous être précieuse. Nous aidons des organisations de différentes tailles à réussir leur transition vers le cloud. Nous mettons à votre disposition une large gamme de ressources pour adopter efficacement le cloud, accélérer votre migration ou votre modernisation, à l’image du Framework d’adoption du cloud AWS et du programme d’accélération des migrations AWS. Notre programme de certification AWS permet aux professionnels et aux organisations de développer des compétences cloud très demandées et de valider leur expertise grâce à des formations gratuites ou peu coûteuses ainsi qu’à des certifications AWS reconnues par l’ensemble de l’industrie. Nous proposons ainsi plus de 100 ressources de formation en intelligence artificielle et en apprentissage automatique.

Nos clients et partenaires accueillent favorablement le portefeuille de services de l’AWS European Sovereign Cloud

Adobe est le leader mondial de la création, de la gestion et de l’optimisation des expériences numériques. Depuis plus de douze ans, les services gérés Adobe Experience Manager (AEM) s’appuient sur le cloud Amazon Web Services (AWS) pour accompagner les clients d’Adobe dans leur utilisation d’AEM. « Au fil des années, les services d’AEM se sont concentrés sur les quatre piliers que sont la sécurité, la confidentialité, la réglementation et la gouvernance, afin de garantir aux clients d’Adobe l’accès aux meilleurs outils de gestion d’expérience numérique du marché », a déclaré Mitch Nelson, Senior Director, Worldwide Managed Services, Adobe. « Nous sommes ravis du lancement d’AWS European Sovereign Cloud, qui représente une opportunité unique de s’aligner sur l’architecture souveraine d’Adobe pour l’offre AEM. Nous espérons être parmi les premiers à proposer AWS European Sovereign Cloud aux clients d’Adobe. »

adesso SE est un important fournisseur de services informatiques en Allemagne, spécialisé dans l’optimisation des processus opérationnels essentiels à l’aide de technologies informatiques modernes. En collaboration avec AWS, adesso SE accompagne les organisations dans leurs transformations numériques avec des solutions personnalisées et efficaces. Pour Markus Ostertag, Chief AWS Technologist chez adesso SE, « l’European Sovereign Cloud d’AWS, est une nouvelle option qui va permettre aux clients de se frayer un chemin dans la complexité toujours croissante des réglementations. Les organisations publiques et les industries réglementées utilisent déjà le Cloud AWS pour répondre à leurs exigences en matière de souveraineté numérique, et l’AWS European Sovereign Cloud leur ouvrira de nouvelles perspectives. » Il poursuit : « En tant que l’un des principaux fournisseurs de services informatiques en Allemagne, nous voyons les avantages que le portefeuille de services de l’European Sovereign Cloud apporteront pour stimuler l’innovation tout en garantissant fiabilité, résilience et disponibilité. AWS et adesso SE partagent un engagement commun à répondre aux besoins spécifiques de nos clients, et nous sommes impatients de continuer à accompagner les différentes organisations à travers l’Union européenne dans leurs avancées technologiques. »

Genesys, leader mondial dans l’orchestration des expériences clients alimentées par l’IA, permet à plus de 8 000 organisations réparties dans plus de 100 pays de proposer des expériences personnalisées de bout en bout à grande échelle. En partenariat avec Amazon Web Services (AWS), Genesys Cloud tire parti de cette plateforme depuis longtemps pour fournir des services sécurisés, évolutifs et innovants à une clientèle mondiale commune. Glenn Nethercutt, Chief Technology Officer chez Genesys, commente : « Genesys joue un rôle de premier plan en aidant les entreprises à utiliser l’IA pour fidéliser leurs clients mais aussi améliorer la productivité et l’engagement de leurs employés. Le déploiement de la plateforme Genesys Cloud sur l’AWS European Sovereign Cloud permettra à davantage d’organisations à travers l’Europe d’explorer, développer et déployer des applications avancées d’expérience client, tout en respectant les exigences et les réglementations les plus strictes en matière de souveraineté des données. L’Europe est un acteur clé de l’économie mondiale et un défenseur des normes de protection des données. Avec le lancement prochain de l’AWS European Sovereign Cloud, une gamme complète de services sera proposée pour aider les entreprises à répondre aux exigences réglementaires et de confidentialité des données. Ce partenariat renforce notre investissement continu dans la région. Genesys et AWS restent engagés à collaborer pour relever les défis uniques auxquels les entreprises européennes sont confrontées, en particulier celles des secteurs hautement réglementés comme la finance et la santé. »

Pega propose une plateforme performante qui permet aux clients internationaux de relever leurs défis commerciaux les plus urgents grâce à des solutions d’aide à la prise de décision et d’automatisation des flux basées sur l’IA. Des solutions qui vont de la personnalisation des interactions client à l’automatisation des services en passant par l’optimisation des opérations. Le partenariat stratégique avec AWS a permis à Pega de transformer son activité en mode SaaS (logiciel en tant que service) en une solution hautement évolutive, fiable et agile, offrant à nos clients une expérience optimale de la plateforme Pega, partout dans le monde. Frank Guerrera, Chief Technical Systems Officer chez Pegasystems, précise : « La collaboration entre AWS et Pega renforcera notre engagement envers nos clients de l’Union européenne pour le stockage et le traitement de leurs données dans la région. Notre solution combinée, tirant parti de l’AWS European Sovereign Cloud, permettra à Pega d’offrir des garanties de souveraineté à tous les niveaux du service, de la plateforme Pega et ses technologies jusqu’à l’infrastructure sous-jacente. Cette solution associe l’approche déjà rigoureuse de Pega Cloud en matière d’isolation des données, de ressources humaines et de processus à celle, nouvelle et innovante, de l’AWS European Sovereign Cloud pour offrir une flexibilité accrue à nos clients du secteur public et des industries hautement réglementées. »

SVA System Vertrieb Alexander GmbH est l’un des principaux intégrateurs de systèmes en Allemagne. Fondé et dirigé par ses propriétaires, il emploie plus de 3 200 employés répartis dans 27 bureaux à travers le pays, et fournit des solutions de pointe à plus de 3 000 clients. Les 10 années de collaboration avec AWS ont permis d’aider des clients de tous les secteurs à migrer et à moderniser leurs applications depuis les infrastructures sur site vers AWS, mais aussi à créer de nouvelles solutions à partir de zéro. « L’AWS European Sovereign Cloud répond aux besoins spécifiques des clients issus d’industries hautement réglementées, peut contribuer à réduire les obstacles existants et libérer un formidable potentiel de numérisation », a déclaré Patrick Glawe, AWS Alliance Lead, SVA System Vertrieb Alexander GmbH. « En tant que partenaire privilégié du secteur public et des industries réglementées, nous suivons de près les discussions sur l’adoption du cloud et nous allons bientôt proposer une option permettant de concevoir un écosystème hautement innovant répondant aux normes les plus strictes en matière de protection des données, de conformité réglementaire et de souveraineté numérique. Cela aura un impact majeur sur le programme de numérisation de l’Union européenne. »

Nous réaffirmons notre engagement à offrir à nos clients plus de contrôle et de choix afin qu’ils puissent tirer pleinement parti des innovations offertes par le cloud, tout en les aidant à répondre à leurs besoins spécifiques en matière de souveraineté numérique, sans aucun compromis sur la puissance d’AWS. Découvrez-en davantage sur l’AWS European Sovereign Cloud sur notre site internet dédié à la souveraineté numérique européenne et suivez l’évolution du projet à mesure que nous nous rapprochons de son lancement en 2025.
 


German version

Bekanntgabe der ersten Services in der AWS European Sovereign Cloud, angetrieben von der vollen Leistungsfähigkeit von AWS

Letzten Monat haben wir bekanntgegeben, dass wir 7,8 Milliarden Euro in die AWS European Sovereign Cloud investieren, eine neue unabhängige Cloud für Europa, die bis Ende 2025 eröffnen soll. Wir bauen die AWS European Sovereign Cloud auf, um Organisationen des öffentlichen Sektors und Kunden in stark regulierten Branchen mehr Wahlmöglichkeiten zu bieten. Wir möchten ihnen dabei helfen, ihre spezifischen Anforderungen an die digitale Souveränität sowie die strengen Vorgaben in Bezug auf den Ort der Datenverarbeitung, die betriebliche Autonomie und die Resilienz zu erfüllen. Kunden und Partner werden von der vollen Leistungsstärke von AWS profitieren, wenn sie die AWS European Sovereign Cloud nutzen. Dazu gehören auch die bekannte Architektur, das Service-Portfolio, die APIs und die Sicherheitsfunktionen, die bereits in unseren 33 bestehenden AWS-Regionen verfügbar sind. Wir freuen uns sehr, heute eine erste Roadmap mit den Services, die in der AWS European Sovereign Cloud verfügbar sein werden, vorzustellen. Diese Bekanntgabe unterstreicht den Umfang des Service-Portfolios der AWS European Sovereign Cloud, das nicht nur die Ansprüche unserer Kunden und Partner erfüllt, sondern auch unser Versprechen, die fortschrittlichsten Souveränitätskontrollen und -funktionen zu bieten, die überhaupt in der Cloud verfügbar sind.

Die AWS European Sovereign Cloud basiert, so wie auch die AWS Cloud seit Tag eins, auf dem „sovereign-by-design“-Ansatz. Wir haben eine sichere und hochverfügbare globale Infrastruktur entwickelt, Schutzmaßnahmen in unser Service-Design und unsere Bereitstellungsmechanismen integriert und Resilienz fest in unserer Betriebskultur verankert. Unsere Kunden profitieren von einer Cloud, die sie dabei unterstützt, selbst die Anforderungen der sicherheitssensibelsten Organisationen zu erfüllen. Jede Region besteht aus mehreren Verfügbarkeitszonen (Availability Zones, AZs) und jede AZ aus einem oder mehreren diskreten Rechenzentren, deren Stromversorgung, Konnektivität und Netzwerk komplett redundant aufgebaut sind. Die erste Region der AWS European Sovereign Cloud ist in Brandenburg geplant, die Infrastruktur wird vollständig in der EU angesiedelt sein. Die AWS European Sovereign Cloud wird wie auch unsere bestehenden Regionen das AWS Nitro System nutzen. Das Nitro System bildet die Grundlage für alle unsere modernen Amazon Elastic Compute Cloud (EC2) Instanzen und basiert auf einer starken physikalischen und logischen Sicherheitsabgrenzung. Damit werden Zugriffsbeschränkungen realisiert, so dass niemand, einschließlich AWS-Mitarbeitern, Zugriff auf Kundendaten, die auf Amazon EC2 laufen, hat.

Service-Roadmap für die AWS European Sovereign Cloud

Wenn wir eine neue Region in Betrieb nehmen, beginnen wir zunächst mit den zentralen Services, die für kritische Arbeitslasten und Anwendungen benötigt werden. Danach erweitern wir den Servicekatalog je nach Bedarf unserer Kunden und Partner. Die AWS European Sovereign Cloud wird zu Beginn Services aus verschiedenen Kategorien bieten, u. a. für künstliche Intelligenz Amazon SageMaker, Amazon Q und Amazon Bedrock; für Compute Amazon EC2 und AWS Lambda; für Container Amazon Elastic Kubernetes Service (Amazon EKS) und Amazon Elastic Container Service (Amazon ECS); für Datenbanken Amazon Aurora, Amazon DynamoDB und Amazon Relational Database Service (Amazon RDS); für Networking Amazon Virtual Private Cloud (Amazon VPC); für Sicherheit AWS Key Management Service (AWS KMS) und AWS Private Certificate Authority; sowie für Speicherung Amazon Simple Storage Service (Amazon S3) und Amazon Elastic Block Store (Amazon EBS). Die AWS European Sovereign Cloud wird über eigene dedizierte Systeme für Identity und Access Management (IAM), Abrechnung und Nutzungsüberwachung verfügen, die unabhängig von bestehenden Regionen betrieben werden. Diese Systeme ermöglichen es Kunden bei der Nutzung der AWS European Sovereign Cloud, alle Kundendaten und von ihnen erstellte Metadaten (etwa Rollen, Berechtigungen, Ressourcenbezeichnungen und Konfigurationen für den Betrieb von AWS), innerhalb der EU zu behalten. Außerdem haben Kunden, welche die AWS European Sovereign Cloud nutzen, Zugriff auf den AWS Marketplace, einen kuratierten digitalen Katalog, mit dem sich leicht Drittanbieter-Software finden, testen, kaufen und integrieren lässt. Um Kunden und Partnern dabei zu helfen, die Bereitstellung der AWS European Sovereign Cloud zu planen, stellen wir am Ende dieses Blogbeitrags eine Roadmap der ersten Services bereit.

Beginnen Sie noch heute mit der Umsetzung Ihrer digitalen Souveränität mit AWS

Bei AWS haben wir uns zum Ziel gesetzt, unseren Kunden die fortschrittlichsten Steuerungsmöglichkeiten für Souveränitätsanforderungen und Funktionen anzubieten, die in der Cloud verfügbar sind. Mit unserem breitgefächerten Angebot, darunter z. B. unsere acht bestehenden Regionen in Europa, AWS Dedicated Local Zones und AWS Outposts, helfen wir Ihnen, Ihre individuellen Anforderungen an die digitale Souveränität zu erfüllen. Die AWS European Sovereign Cloud bietet Ihnen eine weitere Wahlmöglichkeit. Sie können in unseren bestehenden „sovereign-by-design“-Regionen anfangen und bei Bedarf in die AWS European Sovereign Cloud migrieren. Wenn Sie weitere Optionen benötigen, um eine Isolierung zu ermöglichen und strenge Anforderungen an den Ort der Datenverarbeitung in einem bestimmten Land zu erfüllen, können Sie auf AWS Dedicated Local Zones oder AWS Outposts zurückgreifen, um die Infrastruktur der AWS European Sovereign Cloud am Ort Ihrer Wahl zu nutzen.

Sie können schon heute Machbarkeitsstudien durchführen und praktische Erfahrung sammeln, sodass Sie sofort loslegen können, wenn die AWS European Sovereign Cloud 2025 eröffnet wird. Beispielsweise können Sie AWS CloudFormation nutzen, um AWS Ressourcen aus einer bestehenden Region automatisiert bereitzustellen und sich damit auf die AWS European Sovereign Cloud vorzubereiten. Mithilfe von AWS CloudFormation können Sie Services wie Amazon EC2, Amazon Simple Notification Service (Amazon SNS) und Elastic Load Balancing nutzen, um sehr zuverlässige, stark skalierbare und kosteneffiziente Anwendungen in der Cloud zu entwickeln – wiederholbar, prüfbar und automatisierbar. Sie können Amazon SageMaker nutzen, um Ihre Modelle für maschinelles Lernen (darunter auch große Sprachmodelle (LLMs) oder andere Grundlagenmodelle) zu entwickeln, zu trainieren und bereitzustellen. Mit Amazon S3 profitieren Sie von der automatischen Verschlüsselung aller Objekt-Uploads. Sollten Sie aufgrund rechtlicher Vorgaben Ihre Verschlüsselungsschlüssel vor Ort oder außerhalb von AWS speichern und nutzen müssen, können Sie den AWS KMS External Key Store nutzen.

Ganz gleich, ob Sie zum ersten Mal in die Cloud migrieren, die AWS European Sovereign Cloud in Erwägung ziehen oder Ihre Anwendungen modernisieren, um Cloud-Services zu Ihrem Vorteil zu nutzen – Sie profitieren in jedem Fall von unserer Erfahrung, denn wir helfen Organisationen jeder Größe, in die Cloud zu migrieren und in der Cloud zu wachsen. Wir bieten eine große Bandbreite an Ressourcen, mit denen Sie die Cloud effektiv nutzen und Ihre Cloud-Migration sowie Ihre Modernisierungsreise beschleunigen können. Dazu gehören das AWS Cloud Adoption Framework und das AWS Migration Acceleration Programm. Unser globales AWS Training and Certification Programm hilft allen Lernenden und Organisationen, benötigte Cloud-Fähigkeiten zu erlangen und die vorhandene Expertise zu validieren – mit kostenlosen und kostengünstigen Schulungen und branchenweit anerkannten AWS-Zertifizierungen, darunter auch mehr als 100 Schulungen für KI und maschinelles Lernen (ML).

Kunden und Partner begrüßen die Service-Roadmap der AWS European Sovereign Cloud

Adobe ist weltweit führend in der Erstellung, Verwaltung und Optimierung digitaler Erlebnisse. Adobe Experience Manager (AEM) Managed Services nutzt seit über 12 Jahren die AWS Cloud, um Adobe-Kunden die Nutzung von AEM Managed Services zu ermöglichen. „Im Laufe der Jahre hat AEM Managed Services sich auf die vier Grundpfeiler Sicherheit, Datenschutz, Regulierung und Governance konzentriert, um sicherzustellen, dass Adobe-Kunden branchenführende Werkzeuge zur Verwaltung ihrer digitalen Erlebnisse zur Verfügung haben“, sagt Mitch Nelson, Senior Director, Worldwide Managed Services bei Adobe. „Wir freuen uns über die Einführung der AWS European Sovereign Cloud und die Möglichkeit, diese an Adobes Single Sovereign Architecture for AEM Angebot auszurichten. Wir freuen uns darauf, zu den Ersten zu gehören, die Adobe-Kunden die AWS European Sovereign Cloud zur Verfügung stellen“.

adesso SE ist ein führender deutscher IT-Service-Provider, der Kunden dabei hilft, zentrale Unternehmensprozesse mithilfe moderner IT zu optimieren. Durch die Zusammenarbeit von adesso SE und AWS können Organisationen ihre digitale Transformation mithilfe maßgeschneiderter Lösungen schnell und effektiv vorantreiben. „Mit der AWS European Sovereign Cloud bietet AWS eine weitere Möglichkeit, die Kunden dabei hilft, den komplexen Herausforderungen der sich ständig ändernden Bestimmungen und Vorschriften zu begegnen. Organisationen aus dem öffentlichen Sektor und aus stark regulierten Branchen nutzen die AWS Cloud bereits, um die Anforderungen an ihre digitale Souveränität erfüllen zu können. Die AWS European Sovereign Cloud wird ihnen zusätzliche Chancen und Möglichkeiten eröffnen“, so Markus Ostertag, Chief AWS Technologist, adesso SE. „Als einer der größten IT-Service-Provider Deutschlands können wir deutlich sehen, welche Vorteile das Service-Portfolio der AWS European Sovereign Cloud bietet und wie es Kunden hilft, Innovationen voranzutreiben und gleichzeitig die benötigte Verlässlichkeit, Resilienz und Verfügbarkeit zu erlangen. AWS und adesso SE haben ein gemeinsames Ziel, denn wir streben beide danach, die individuellen Anforderungen unserer Kunden zu erfüllen. Wir freuen uns darauf, weiterhin EU-weit Unternehmen dabei zu helfen, sich weiterzuentwickeln.“

Genesys, eine weltweit führende KI-gestützte Plattform für die Orchestrierung von Kundenerlebnissen, unterstützt mehr als 8.000 Organisationen in über 100 Ländern dabei, personalisierte End-To-End-Erlebnisse nach Maß bereitzustellen. Genesys Cloud wird auf AWS betrieben und die beiden Unternehmen arbeiten schon lange eng zusammen, um ihrer gemeinsamen globalen Kundenbasis skalierbare, sichere und innovative Services zu bieten. „Genesys ist ein Vorreiter auf ihrem Gebiet. Wir helfen Unternehmen dabei, mithilfe von KI die Kundenloyalität zu verbessern und die Produktivität und das Engagement der Mitarbeitenden zu steigern“, erklärt Glenn Nethercutt, Chief Technology Officer bei Genesys. „Mit der Bereitstellung der Cloud-Plattform von Genesys in der AWS European Sovereign Cloud ermöglichen wir es noch mehr Unternehmen in ganz Europa, hochmoderne Anwendungen für ein besseres Kundenerlebnis zu entwickeln und bereitzustellen, und gleichzeitig strenge gesetzliche Vorgaben sowie Anforderungen an die digitale Souveränität einzuhalten. Europa ist ein wichtiger Akteur in der globalen Wirtschaft und ein Verfechter strenger Datenschutzstandards. Bei ihrer Einführung wird die AWS European Sovereign Cloud eine umfassende Service-Suite bieten, um Unternehmen dabei zu helfen, sowohl datenschutzrechtliche als auch regulatorische Anforderungen zu erfüllen. Die Partnerschaft verstärkt unsere anhaltenden Investitionen in der Region. Genesys und AWS werden weiterhin zusammenarbeiten, um die einzigartigen Herausforderungen anzugehen, denen sich europäische Unternehmen gegenübersehen – vor allem jene in stark regulierten Branchen wie dem Finanz- und Gesundheitswesen.“

Pega bietet globalen Kunden eine starke Plattform für die KI-gestützte Entscheidungsfindung und Workflow-Automatisierung, mit der sie ihre größten Herausforderungen meistern – von der Personalisierung des Engagements über die Automatisierung von Services bis hin zur Optimierung von Betriebsabläufen. Dank der strategischen Zusammenarbeit mit AWS konnte Pega ihr As-a-Service-Geschäft transformieren und Kunden einen stark skalierbaren, verlässlichen und agilen Weg bieten, die Pega-Plattform in aller Welt zu erleben. „Die Zusammenarbeit von AWS und Pega wird unsere Verpflichtung gegenüber unseren Kunden in der EU stärken, ihre Daten in der Region zu speichern und zu verarbeiten“, freut sich Frank Guerrera, Chief Technical Systems Officer bei Pegasystems. „Unsere gemeinsame Lösung, die die Vorteile der AWS European Sovereign Cloud nutzen wird, erlaubt Pega, Souveränitätszusagen auf allen Ebenen des Services zu treffen, von der Pega-Plattform über unterstützende Technologien bis hin zur erforderlichen Infrastruktur. Diese Lösung vereint den bereits vorhandenen strengen Ansatz der Pega Cloud an Datenisolierung, Menschen und Prozesse mit der neuen, innovativen AWS European Sovereign Cloud, um unseren Kunden aus dem öffentlichen Sektor und aus stark regulierten Branchen mehr Flexibilität zu bieten.“

SVA System Vertrieb Alexander GmbH ist einer der führenden inhabergeführten IT-Dienstleister Deutschlands und bietet seinen mehr als 3.000 Kunden mit über 3.200 talentierten Mitarbeitenden an 27 Standorten im Land branchenführende Lösungen. Die bereits zehn Jahre andauernde Zusammenarbeit von SVA und AWS hat dabei geholfen, Kunden aus allen Branchen bei der Migration und Modernisierung ihrer Workloads von eigenen Standorten zu AWS zu unterstützen oder beim Aufbau ganz neuer Lösungen. „Die AWS European Sovereign Cloud ist auf die spezifischen Anforderungen stark regulierter Kunden ausgerichtet. Sie kann die Hürden für diese Branchen mindern und ihnen ein riesiges Digitalisierungspotenzial eröffnen“, sagt Patrick Glawe, AWS Alliance Lead bei SVA System Vertrieb Alexander GmbH. „Angesichts unserer umfassenden Lösungen für den öffentlichen Sektor und regulierte Branchen verfolgen wir aufmerksam die Diskussionen rund um den Einsatz der Cloud und werden bald eine Option anbieten, mit der ein hochinnovatives Ökosystem entwickelt werden kann, das die höchsten Anforderungen an den Datenschutz, an die Einhaltung gesetzlicher Vorschriften und an die digitale Souveränität erfüllt. Das wird enorme Auswirkungen auf die Digitalisierungspläne der Europäischen Union haben.“

Wir sind weiterhin bestrebt, unseren Kunden mehr Kontrolle und weitere Optionen anzubieten, damit sie die Vorteile der Innovationsmöglichkeiten, die ihnen die Cloud bietet, nutzen und gleichzeitig alle individuellen Anforderungen an die digitale Souveränität erfüllen können – ohne auf die volle Leistungsfähigkeit von AWS verzichten zu müssen. Erfahren Sie mehr über die AWS European Sovereign Cloud auf unserer European Digital Sovereignty Website. Wir werden Sie vor dem Start 2025 kontinuierlich auf dem Laufenden halten.
 


Italian version

Presentiamo l’offerta di servizi base disponibili nell’AWS European Sovereign Cloud, basato sull’eccezionale potenza di calcolo di AWS

Il mese scorso abbiamo annunciato il nostro investimento nell’AWS European Sovereign Cloud pari a 7,8 miliardi di Euro, per sviluppare un nuovo cloud indipendente, dedicato al mercato europeo, che entrerà in servizio per la fine del 2025. Stiamo sviluppando l’AWS European Sovereign Cloud per offrire a una clientela formata da imprese del settore pubblico, e di settori altamente regolamentati, una scelta più ampia di soluzioni che rispondano alle loro specifiche esigenze in fatto di sovranità digitale, e che soddisfino rigorosi requisiti in tema di residenza dei dati, autonomia operativa e resilienza.

I clienti e i partner che sfruttano l’AWS European Sovereign Cloud potranno beneficiare di tutto il potenziale offerto da AWS che include la stessa architettura di sempre, basata su un ventaglio di servizi, API e funzionalità di sicurezza già disponibili nelle 33 Regioni AWS esistenti. Oggi, siamo lieti di annunciare la prima roadmap dei servizi disponibili nell’AWS European Sovereign Cloud. Questo annuncio sottolinea quanto sia ampio e strutturato il portfolio di servizi che saranno disponibili all’interno di questo Cloud, ideati per rispondere alle esigenze di clienti e partner, confermando il nostro impegno a fornire il set più avanzato di controlli sovrani e funzionalità disponibili in un ambiente cloud.

Il AWS European Sovereign Cloud è stato progettato per essere “sovereign-by-design”, proprio come abbiamo ideato il Cloud AWS sin dalle origini. Abbiamo progettato un’infrastruttura globale sicura e altamente accessibile, implementato salvaguardie all’interno dei nostri meccanismi di progettazione e implementazione del servizio e integrato la resilienza nella nostra cultura operativa. I nostri clienti possono beneficiare di un cloud ideato per aiutarli a rispondere alle esigenze di interlocutori che operano in settori critici per la sicurezza. Ogni regione è composta da una serie di Zone di Disponibilità, ognuna composta da uno o più data center riservati, dotati di alimentazione, connettività e rete ridondante. La prima regione del AWS European Sovereign Cloud nel Lander tedesco di Brandeburgo, mentre l’infrastruttura sarà situata interamente all’interno dell’Unione Europea. Al pari delle nostre Regioni già esistenti, l’AWS European Sovereign Cloud sarà basato sul AWS Nitro System. Il Nitro System alla base dei servizi offerti dal nostro avvenieristico Amazon Elastic Compute Cloud (Amazon EC2) garantendo un perimetro di sicurezza fisico e logico di livello assoluto, capace di applicare restrizioni di accesso in modo tale che nessuno, nemmeno i dipendenti AWS, possano accedere ai dati dei clienti in esecuzione su Amazon EC2.

Roadmap dell’implementazione dei servizi offerti nell’AWS European Sovereign Cloud

Quando attiviamo una nuova Regione, partiamo dai servizi di base necessari per supportare carichi di lavoro e applicazioni fondamentali, per poi espandere la nostra offerta di servizi in base alle richieste di clienti e partner. Nella fase iniziale, il AWS European Sovereign Cloud offrirà servizi provenienti da un ampio ventaglio di categorie, come quelli dedicati all’intelligenza artificialeAmazon SageMaker, Amazon Q, e Amazon Bedrock, al calcolo informaticoAmazon EC2 e AWS Lambda, ai containerAmazon Elastic Kubernetes Service (Amazon EKS) e Amazon Elastic Container Service (Amazon ECS), ai databaseAmazon Aurora, Amazon DynamoDB, e Amazon Relational Database Service (Amazon RDS), al networkingAmazon Virtual Private Cloud (Amazon VPC), alla sicurezzaAWS Key Management Service (AWS KMS) e AWS Private Certificate Authority, oltre allo storageAmazon Simple Storage Service (Amazon S3) e Amazon Elastic Block Store (Amazon EBS). Il AWS European Sovereign Cloud potrà vantare propri sistemi indipendenti di identificazione e accesso (IAM), di fatturazione e di rendicontazione dell’utilizzo, tutti operati in modo autonomo dalle Regioni esistenti. Questi sistemi sono ideati per consentire agli utenti che sfruttano il AWS European Sovereign Cloud di mantenere tutti i dati dei clienti, compresi i metadati creati come ruoli, permessi, etichette di risorse e configurazioni usate per operare in AWS, all’interno dell’Unione Europea. Inoltre, i clienti che usano il AWS European Sovereign Cloud saranno in grado di sfruttare il Marketplace AWS, ovvero, un catalogo digitale che rende più semplice individuare, testare, acquistare e implementare software di terze parti. Per assistere clienti e partner nella loro implementazione del AWS European Sovereign Cloud, abbiamo pubblicato una roadmap dei servizi base consultabile al termine di questo articolo.

Crea da subito la tua sovranità digitale su AWS

AWS si impegna a offrire ai propri clienti il più avanzato set di controlli e funzionalità di sovranità disponibili sul cloud. Mettiamo a disposizione un’ampia gamma di soluzioni dedicate alle tue specifiche esigenze in fatto di sovranità digitale, incluse le nostre otto Regioni esistenti in Europa, AWS Dedicated Local Zones e AWS Outposts, mentre il AWS European Sovereign CloudS è un’ulteriore opzione su cui fare affidamento. Puoi iniziare a lavorare all’interno delle nostre Regioni “sovereign-by-design”, e in caso di necessità, migrare all’interno del AWS European Sovereign Cloud. Se devi ottemperare a rigorose normative in materia di compartimentazione e residenza locale dei dati, possiamo mettere a disposizione anche Dedicated Local Zones o Outposts per usufruire dell’architettura offerta dal Cloud sovrano europeo AWS nella località di tua scelta.

Oggi puoi condurre esercitazioni di “proof-of-concept” per acquisire esperienza pratica capace di apportare un impatto significativo alla tua attività quando l’AWS European Sovereign Cloud sarà attivo nel 2025. Ad esempio, puoi sfruttare la AWS CloudFormation per avviare e impostare l’implementazione dell’infrastruttura AWS in modo puntuale e ripetuto all’interno di una Regione esistente come attività preparatoria all’adozione del AWS European Sovereign Cloud. Grazie alla AWS CloudFormation, puoi sfruttare servizi come Amazon EC2, Amazon Simple Notification Service (Amazon SNS) e il sistema Elastic Load Balancing per creare applicazioni nel cloud che spiccano per affidabilità, scalabilità ed economicità in un modo ripetibile, verificabile e automatizzato. Puoi usare Amazon SageMaker per progettare, addestrare e impegnare i tuoi modelli di machine learning (inclusi i modelli linguistici di grandi dimensioni e i modelli di fondazione). Puoi usare Amazon S3 per sfruttare i vantaggi della crittografia automatica su tutti i caricamenti di oggetti. Se hai esigenze normative che richiedono di archiviare e utilizzare le tue chiavi di crittografia in locale o all’esterno di AWS, puoi usare il AWS KMS External Key Store.

Qualora tu stia effettuando per la prima volta la migrazione verso il cloud, prendendo in considerazione l’utilizzo del AWS European Sovereign Cloud o aggiornando i tuoi applicativi per avvalerti dei servizi cloud, puoi beneficiare dalla nostra esperienza nell’assistere realtà di ogni dimensione che intendono adottare il cloud per sfruttare al meglio il suo potenziale. Offriamo un’ampia gamma di risorse da adottare in modo efficiente nel cloud, così da accelerare il tuo percorso di modernizzazione e migrazione verso il cloud, tra cui spiccano l’AWS Cloud Adoption Framework e l’AWS Migration Acceleration Program. Il nostro programma globale di Formazione e Certificazione AWS è al fianco di personale in formazione e imprese per sviluppare competenze cloud richieste dal mercato e convalidare le proprie conoscenze attraverso percorsi formativi gratuiti e a basso costo, insieme alle credenziali di certificazione AWS riconosciute dal settore che includono oltre 100 risorse didattiche per l’IA e il machine learning (ML).

Clienti e partner danno il benvenuto alla roadmap dell’implementazione dei servizi offerti nell’AWS European Sovereign Cloud

Adobe è il leader mondiale nella creazione, gestione e ottimizzazione delle esperienze digitali. Da oltre dodici anni, Adobe Experience Manager (AEM) Managed Services sfrutta il cloud AWS per supportare l’utilizzo di AEM Managed Services da parte dei clienti Adobe. “Nel corso degli anni, AEM Managed Services si è dimostrato un servizio incentrato su quattro elementi fondamentali come sicurezza, privacy, regolamentazione e governance per garantire che i clienti Adobe possano usare i migliori strumenti di gestione digitale disponibili sul mercato” Ha confermato Mitch Nelson, Senior Director, Workdwide Managed Services di Adobe. “Siamo lieti di presentare l’AWS European Sovereign Cloud e l’opportunità che rappresenta per allinearsi con l’architettura Single Sovereign di Adobe per l’offerta AEM. Non vediamo l’ora di essere tra i primi a fornire il servizio AWS European Sovereign Cloud ai clienti Adobe.”

Adesso SE è un fornitore leader di servizi IT localizzato in Germania, sempre al fianco dei clienti che intendono ottimizzare i principali processi aziendali grazie a una tecnologia digitale all’avanguardia. Adesso SE e AWS lavorano al fianco delle imprese per guidare le trasformazioni digitali in modo rapido ed efficiente grazie a soluzioni su misura. “Con il Cloud sovrano europeo, AWS mette in campo un’ulteriore soluzione ideata per aiutare i clienti a superare agevolmente la complessità di regole e normative in perenne evoluzione. Operatori del settore pubblico e di settori regolamentati stanno già sfruttando AWS Cloud per soddisfare i propri requisiti di sovranità digitale e l’AWS European Sovereign Cloud sbloccherà nuove e interessanti opportunità“, ha affermato Markus Ostertag, Chief AWS Technologist di Adesso SE. “In quanto uno dei principali fornitori tedeschi di servizi IT, siamo consapevoli dei vantaggi che il portfolio di servizi del Cloud sovrano europeo potrà offrire ai clienti che intendono innovare senza rinunciare all’affidabilità, alla resilienza e alla disponibilità di cui hanno bisogno. AWS e Adesso SE sono unite nel soddisfare le specifiche esigenze dei nostri clienti e non vediamo l’ora di continuare a supportare le imprese di tutta l’Unione Europea nel loro percorso di innovazione“.

Genesys, leader globale nell’orchestrazione dell’esperienza basata sull’IA, consente a più di 8.000 imprese dislocate in oltre 100 paesi di offrire esperienze personalizzate e complete su ampia scala. Grazie all’implementazione di Genesys Cloud su AWS, le due aziende firmano una partnership a lungo termine per fornire servizi scalabili, sicuri e innovativi alla loro clientela globale. “Con le sue soluzioni all’avanguardia, Genesys è al fianco delle imprese che intendono sfruttare l’IA per fidelizzare la clientela, aumentando al contempo i livelli di produttività e di coinvolgimento dei dipendenti”, ha affermato Glenn Nethercutt, Chief Technology Officer di Genesys. “L’implementazione della piattaforma Genesys Cloud sul Cloud sovrano europeo AWS potrà consentire a un numero ancora più elevato di imprese in tutta Europa di sperimentare, creare e adottare applicazioni all’avanguardia dedicate alla customer experience, rispettando le normative e i più rigorosi requisiti in fatto di sovranità dei dati. Oltre a essere una potenza mondiale a livello economico, l’Europa si distingue per le sue norme di protezione dei dati e in questo contesto favorevole, l’AWS European Sovereign Cloud sin dalla sua entrata in servizio potrà offrire un ventaglio completo di servizi dedicati alle imprese chiamate a soddisfare sia i requisiti di privacy dei dati che quelli normativi. Questa partnership è il segno tangibile del nostro impegno finanziario a lungo termine nella regione, con Genesys e AWS che confermano e rafforzano il proprio impegno nel rispondere alle sfide che le imprese europee sono chiamate ad affrontare, soprattutto nei settori altamente regolamentati come finanza e sanità”.

Pega fornisce una piattaforma a prestazioni elevate che mette i nostri clienti globali nelle migliori condizioni per sfruttare le nostre soluzioni IA dedicate all’automatizzazione di processi decisionali e flussi di lavoro, ideate per rispondere alle più importanti esigenze aziendali, dalla personalizzazione dell’engagement all’automazione dell’assistenza, fino all’ottimizzazione dell’operatività. La collaborazione strategica tra Pega e AWS ha consentito a Pega di trasformare il proprio modello di “business as-a-Service” in un modello altamente scalabile, affidabile e agile in grado di consentire ai nostri clienti di sperimentare la piattaforma Pega in tutto il mondo. “La collaborazione tra AWS e Pega sarà l’occasione per rafforzare il nostro impegno verso i nostri clienti basati nell’Unione Europea che necessitano di conservare ed elaborare i propri dati all’interno di questa regione”, ha affermato Frank Guerrera, chief technical systems officer di Pegasystems. “Potendo sfruttare l’AWS European Sovereign Cloud, la nostra soluzione integrata consentirà a Pega di garantire sovranità su tutti i livelli di servizio, dalla piattaforma di Pega passando per le tecnologie di supporto, fino all’infrastruttura di implementazione. Questa soluzione abbina il rigoroso approccio verso l’isolamento dei dati, la clientela e le procedure garantito dal Cloud di Pega con il nuovo e innovativo Cloud sovrano europeo firmato AWS per offrire flessibilità ai nostri clienti del settore pubblico e dei settori altamente regolamentati”.

SVA System Vertrieb Alexander GmbH è uno dei più importanti system integrator in Germania, la cui proprietà è ancora detenuta dal fondatore, con una forza lavoro di oltre 3200 talenti distribuiti in 27 uffici su tutto il territorio nazionale, che fornisce soluzioni all’avanguardia a una platea di oltre 3000 clienti. Da 10 anni, la collaborazione tra SVA e AWS si distingue per il continuo sostegno a clienti di ogni settore e ambito operativo che intendono aggiornare e migrare i propri flussi di lavoro da soluzioni in-house verso AWS, oppure, creare soluzioni ex-novo. “l’AWS European Sovereign Cloud risponde a specifiche esigenze dei clienti altamente regolamentati, contribuendo così alla riduzione delle barriere di ingresso per sbloccare il loro immenso potenziale nell’ambito digitale,” ha detto Patrik Glawe, AWS Alliance Lead presso SVA System Vertrieb Alexander GmbH. “ Potendo contare su un’ampia copertura del settore pubblico e dei settori altamente regolamentati, conosciamo alla perfezione le esigenze di chi vuole passare al cloud e stiamo lavorando per offrire a stretto giro una soluzione capace di progettare un ecosistema altamente innovativo in grado di soddisfare i più elevati standard di protezione dei dati, conformità normativa e requisiti di sovranità digitale. Il nostro lavoro avrà un impatto significativo sull’agenda di digitalizzazione dell’Unione Europea.”

Ribadiamo il nostro impegno nel garantire ai nostri clienti livelli ancora più elevati di scelta e di controllo per sfruttare al massimo i vantaggi offerti dal cloud, il tutto fornendo loro assistenza nel rispondere a specifiche esigenze in fatto di sovranità digitale, senza rinunciare a tutta la potenza di AWS. Per saperne di più sul AWS European Sovereign Cloud, consulta il sito web della Sovranità Digitale europea per non perderti gli ultimi aggiornamenti mentre proseguiamo nel nostro lavoro in vista della presentazione nel 2025.
 


Spanish version

Anuncio de los servicios disponibles inicialmente en la AWS European Sovereign Cloud, respaldada por todo el potencial de AWS

El mes pasado, compartimos nuestra decisión de invertir 7.800 millones de euros en la AWS European Sovereign Cloud, una nueva nube independiente para Europa cuyo lanzamiento está previsto para finales de 2025. Estamos diseñando la AWS European Sovereign Cloud para ofrecer más opciones a organizaciones del sector público y clientes de industrias muy reguladas contribuyendo así a cumplir tanto sus necesidades particulares de soberanía digital como los estrictos requisitos de resiliencia, autonomía operativa y residencia de datos. Los clientes y socios que usen la AWS European Sovereign Cloud se beneficiarán de la plena capacidad de AWS, incluyendo la arquitectura, la cartera de servicios, las API y las características de seguridad ya disponibles en nuestras 33 regiones de AWS. Hoy, anunciamos con entusiasmo una hoja de ruta sobre los servicios iniciales que estarán a disposición en la AWS European Sovereign Cloud. Este comunicado pone de manifiesto el gran alcance de la cartera de servicios de la AWS European Sovereign Cloud, diseñada para satisfacer la demanda de clientes y socios y, al mismo tiempo, ser fieles a nuestro compromiso de proporcionar el conjunto de funciones y controles de soberanía más avanzado que existe en la nube.

La AWS European Sovereign Cloud es construida soberana por diseño, como lo ha sido la nube de AWS desde el primer día. Hemos creado una infraestructura global segura y altamente disponible, integrado medidas de protección en nuestros mecanismos de diseño e implementación de servicios e infundido resiliencia en nuestra cultura operativa. Nuestros clientes se benefician de una nube ideada para ayudarles a satisfacer los requisitos de organizaciones que dan la máxima importancia a la seguridad. Cada región está compuesta por múltiples zonas de disponibilidad formadas a su vez por uno o más centros de datos, cada uno con potencia, conectividad y redes redundantes. La primera región de la AWS European Sovereign Cloud se ubicará en el estado federado de Brandeburgo (Alemania), con toda su infraestructura emplazada dentro de la Unión Europea (UE). Como las regiones existentes, la AWS European Sovereign Cloud funcionará gracias a la tecnología del AWS Nitro System, que es la base de todas nuestras modernas instancias de Amazon Elastic Compute Cloud (Amazon EC2) y proporciona sólida seguridad física y lógica para hacer cumplir las restricciones de modo que nadie, ni siquiera los empleados de AWS, puedan acceder a los datos de los clientes en Amazon EC2.

Hoja de ruta sobre los servicios de la AWS European Sovereign Cloud

Al lanzar una nueva región, empezamos por los servicios básicos necesarios para garantizar las aplicaciones y cargas de trabajo cruciales y, a partir de ahí, ampliamos continuamente nuestro catálogo de servicios de acuerdo con la demanda de clientes y socios. La AWS European Sovereign Cloud contará inicialmente con servicios de varias categorías, incluyendo inteligencia artificial [Amazon SageMaker, Amazon Q y Amazon Bedrock], computación [Amazon EC2 y AWS Lambda], contenedores [Amazon Elastic Kubernetes Service (Amazon EKS) y Amazon Elastic Container Service (Amazon ECS)], bases de datos [Amazon Aurora, Amazon DynamoDB y Amazon Relational Database Service (Amazon RDS)], networking [Amazon Virtual Private Cloud (Amazon VPC)], seguridad [AWS Key Management Service (AWS KMS) y AWS Private Certificate Authority] y almacenamiento [Amazon Simple Storage Service (Amazon S3) y Amazon Elastic Block Store (Amazon EBS)]. La AWS European Sovereign Cloud dispondrá de sistemas propios de administración de identidades y acceso (IAM), facturación y medición de uso operados independientemente desde las regiones existentes. Mediante dichos sistemas, los clientes que usen la Nube Soberana Europea de AWS podrán conservar todos los datos de sus propios clientes, así como los metadatos que creen (como roles, permisos, etiquetas de recursos y configuraciones para ejecutar AWS) en la UE. Los clientes que usen la AWS European Sovereign Cloud también podrán sacar partido de AWS Marketplace, un catálogo digital cuidadosamente seleccionado que facilita la búsqueda, las pruebas, la compra y la implementación de software de terceros. Para ayudar a clientes y socios a planear la implementación de la AWS European Sovereign Cloud, hemos publicado una hoja de ruta sobre los servicios iniciales al final de este artículo.

Cómo empezar a construir soberanía hoy mismo con AWS

AWS tiene el compromiso de proporcionar a los clientes el conjunto de funciones y controles de soberanía más avanzado que existe en la nube. Contamos con una amplia oferta para ayudar a cumplir necesidades particulares de soberanía digital, incluyendo nuestras seis regiones en la Unión Europea, AWS Dedicated Local Zones y AWS Outposts. La AWS European Sovereign Cloud es una opción más que se puede elegir. Es posible empezar a trabajar en nuestras regiones soberanas por diseño y, de ser necesario, realizar la migración a la AWS European Sovereign Cloud. Quien deba cumplir estrictos requisitos de aislamiento y residencia de datos a escala nacional también podrá usar Dedicated Local Zones u Outposts para implementar la infraestructura de la AWS European Sovereign Cloud en las ubicaciones seleccionadas.

Actualmente, es posible llevar a cabo pruebas de concepto y adquirir experiencia práctica para empezar con buen pie cuando se lance la AWS European Sovereign Cloud en 2025. Por ejemplo, se puede usar AWS CloudFormation para crear y aprovisionar las implementaciones de la infraestructura de AWS de forma predecible y repetida en una región existente como preparación para la AWS European Sovereign Cloud. AWS CloudFormation permite aprovechar servicios como Amazon EC2, Amazon Simple Notification Service (Amazon SNS) y Elastic Load Balancing para diseñar en la nube aplicaciones de lo más fiables, escalables y rentables de manera reproducible, auditable y automatizable. Asimismo, se puede usar Amazon SageMaker para diseñar, probar e implementar modelos de aprendizaje automático (incluyendo modelos de lenguaje grande y otros modelos fundacionales). También se puede usar Amazon S3 para beneficiarse del cifrado automático en todas las cargas de objetos. Quien tenga necesidad de almacenar y utilizar sus claves de cifrado dentro o fuera de AWS por motivos de regulación puede recurrir a External Key Store de AWS KMS.

Tanto si uno decide realizar la migración a la nube por primera vez, se plantea usar la AWS European Sovereign Cloud o desea modernizar sus aplicaciones para sacar partido de los servicios en la nube, puede beneficiarse de nuestra experiencia en ayudar a organizaciones de todos los tamaños a apostar con éxito por la nube. Ofrecemos una amplia gama de recursos para adoptar la nube de forma efectiva y acelerar el proceso de migración y modernización, incluyendo AWS Cloud Adoption Framework y Migration Acceleration Program de AWS. Nuestro programa global AWS Training and Certification ayuda a quienes están aprendiendo y a organizaciones a obtener capacidades solicitadas en el ámbito de la nube y validar su experiencia con cursos gratuitos o de bajo coste y credenciales de AWS Certification reconocidas por la industria, incluyendo más de 100 recursos de formación en materia de inteligencia artificial y aprendizaje automático.

Clientes y socios reciben con brazos abiertos la hoja de ruta sobre los servicios de la AWS European Sovereign Cloud

Adobe es el líder mundial en la creación, gestión y optimización de experiencias digitales. Durante más de doce años, la nube de AWS ha ayudado a los clientes de Adobe a usar Adobe Experience Manager (AEM) Managed Services. “A lo largo del tiempo, AEM Managed Services se ha centrado en los cuatro pilares de seguridad, privacidad, regulación y gobernanza para garantizar que los clientes de Adobe tengan a su disposición las mejores herramientas de gestión de la experiencia digital”, declaró Mitch Nelson, director senior de Servicios Administrados Mundiales en Adobe. “Nos entusiasma tanto el lanzamiento de la AWS European Sovereign Cloud como la oportunidad que ofrece de alinearse con la Single Sovereign Architecture de Adobe para la oferta de AEM. Deseamos estar entre los primeros en proporcionar la AWS European Sovereign Cloud a los clientes de Adobe.”

adesso SE es un proveedor de servicios informáticos líder en Alemania que se centra en ayudar a los clientes a optimizar los principales procesos empresariales con una infraestructura de TI moderna. adesso SE y AWS vienen colaborando para impulsar la transformación digital de las organizaciones de forma rápida y eficiente mediante soluciones personalizadas. “Con la nube soberana europea, AWS ofrece otra opción que puede ayudar a los clientes a lidiar con la complejidad de los cambios en normas y reglamentos. Varias organizaciones del sector público e industrias reguladas ya usan la nube de AWS para cumplir sus requisitos de soberanía digital, y la AWS European Sovereign Cloud proporcionará oportunidades adicionales”, afirmó Markus Ostertag, responsable de tecnología de AWS en adesso SE. “Como uno de los proveedores de servicios informáticos más importantes de Alemania, somos conscientes de los beneficios que aportará la cartera de servicios de la Nube Soberana Europea a la hora de ayudar a los clientes a innovar y, al mismo tiempo, obtener la fiabilidad, resiliencia y disponibilidad que necesitan. AWS y adesso SE comparten el compromiso mutuo de satisfacer las necesidades particulares de los clientes y deseamos seguir ayudando a avanzar a organizaciones de toda la UE”.

Genesys, líder mundial en orquestación de experiencias impulsadas por la inteligencia artificial, ayuda a más de 8000 organizaciones en más de 100 países a proporcionar una experiencia end-to-end personalizada a escala. Al combinar Genesys Cloud con AWS, las compañías mantienen su larga colaboración para ofrecer servicios escalables, seguros e innovadores a una clientela global común. “Genesys está a la vanguardia cuando se trata de ayudar a las empresas a usar la inteligencia artificial para fidelizar a los clientes y fomentar la productividad y el compromiso de los empleados”, declaró Glenn Nethercutt, director tecnológico en Genesys. “Integrar la plataforma Genesys Cloud en la AWS European Sovereign Cloud permitirá que aún más organizaciones europeas diseñen, prueben e implementen aplicaciones de experiencia del cliente punteras y, al mismo tiempo, cumplan los estrictos requisitos de regulación y soberanía de datos. Europa desempeña un papel clave en la economía global y da ejemplo en materia de estándares de protección de datos; en el momento de su lanzamiento, la AWS European Sovereign Cloud ofrecerá un completo paquete de servicios para ayudar a las empresas a cumplir los requisitos de regulación y privacidad de datos. Esta colaboración reafirma nuestra continua inversión en la región, y Genesys y AWS mantienen el compromiso de trabajar juntos para abordar los desafíos únicos que afrontan las empresas europeas, especialmente aquellas que operan en industrias muy reguladas, como la financiera y la sanitaria”.

Pega proporciona una potente plataforma que permite que los clientes internacionales usen nuestras soluciones de automatización de flujos de trabajo y toma de decisiones basadas en la inteligencia artificial para resolver sus retos empresariales más urgentes, desde la personalización del compromiso hasta la automatización del servicio y la optimización de las operaciones. El estratégico trabajo de Pega con AWS ha favorecido la transformación de su modelo de negocio como servicio para que constituya una forma extremadamente escalable, fiable y ágil de poner la plataforma de Pega a disposición de nuestros clientes a escala global. “La colaboración entre AWS y Pega reforzará nuestro compromiso con los clientes de la Unión Europea de almacenar y procesar sus datos dentro de la región”, aseguró Frank Guerrera, director técnico de sistemas en Pegasystems. “Nuestra solución combinada, aprovechando la AWS European Sovereign Cloud, permitirá que Pega ofrezca garantías de soberanía en todos los niveles del servicio, desde la plataforma y las tecnologías de soporte hasta la infraestructura básica. Esta solución aúna el estricto enfoque de Pega Cloud sobre los procesos, las personas y el aislamiento de datos con la nueva e innovadora Nube Soberana Europea de AWS para ofrecer flexibilidad a nuestros clientes del sector público e industrias muy reguladas”.

SVA System Vertrieb Alexander GmbH, propiedad del fundador, es un integrador de sistemas líder en Alemania, con más de 3200 empleados y 27 oficinas distribuidas por el país, que ofrece soluciones sin parangón a más de 3000 clientes. La colaboración entre SVA y AWS, iniciada hace 10 años, ha permitido ayudar a clientes de diferentes industrias y verticales a modernizar las cargas de trabajo y realizar su migración a AWS o a diseñar nuevas soluciones desde cero. “La AWS European Sovereign Cloud aborda necesidades específicas de clientes sometidos a una elevada regulación, puede eliminar barreras y liberar un enorme potencial de digitalización para estas verticales”, comentó Patrick Glawe, responsable de AWS Alliance en SVA System Vertrieb Alexander GmbH. Debido a nuestro amplio alcance en el sector público e industrias reguladas, seguimos atentamente los debates sobre la adopción de la nube y pronto ofreceremos la opción de diseñar un ecosistema extremadamente innovador que se ajuste a los estándares más altos en materia de protección de datos, cumplimiento normativo y soberanía digital. Esto ejercerá un gran impacto en la agenda de digitalización de la Unión Europea”.

Reafirmamos nuestro compromiso de ofrecer a los clientes más control y opciones para sacar provecho de la innovación que ofrece la nube y, al mismo tiempo, ayudarlos a cumplir sus necesidades particulares de soberanía digital sin poner en riesgo todo el potencial de AWS. En nuestro sitio web de soberanía digital en Europa ofrecemos más información sobre la AWS European Sovereign Cloud. Asimismo, invitamos a todos los interesados a seguir atentamente nuestras próximas noticias de cara al lanzamiento de 2025.
 

Max Peterson

Max Peterson
Max is the Vice President of AWS Sovereign Cloud. He leads efforts to ensure that all AWS customers around the world have the most advanced set of sovereignty controls, privacy safeguards, and security features available in the cloud. Before his current role, Max served as the VP of AWS Worldwide Public Sector (WWPS) and created and led the WWPS International Sales division, with a focus on empowering government, education, healthcare, aerospace and satellite, and nonprofit organizations to drive rapid innovation while meeting evolving compliance, security, and policy requirements. Max has over 30 years of public sector experience and served in other technology leadership roles before joining Amazon. Max has earned both a Bachelor of Arts in Finance and Master of Business Administration in Management Information Systems from the University of Maryland.

Dutch political websites hit by cyber attacks as EU voting starts

Post Syndicated from João Tomé original https://blog.cloudflare.com/dutch-political-websites-hit-by-cyber-attacks-as-eu-voting-starts


The 2024 European Parliament election started in the Netherlands today, June 6, 2024, and will continue through June 9 in the other 26 countries that are part of the European Union. Cloudflare observed DDoS attacks targeting multiple election or politically-related Internet properties on election day in the Netherlands, as well as the preceding day.

These elections are highly anticipated. It’s also the first European election without the UK after Brexit.

According to news reports, several websites of political parties in the Netherlands suffered cyberattacks on Thursday, with a pro-Russian hacker group called HackNeT claiming responsibility.

On June 5 and 6, 2024, Cloudflare systems automatically detected and mitigated DDoS attacks that targeted at least three politically-related Dutch websites. Significant attack activity targeted two of them, and is described below.

A DDoS attack, short for Distributed Denial of Service attack, is a type of cyber attack that aims to take down or disrupt Internet services such as websites or mobile apps and make them unavailable for users. DDoS attacks are usually done by flooding the victim’s server with more traffic than it can handle. To learn more about DDoS attacks and other types of attacks, visit our Learning Center.

Attackers typically use DDoS attacks but also exploit other vulnerabilities and types of attacks simultaneously.

Daily DDoS mitigations on June 5 reached over 1 billion HTTP requests in the Netherlands, most of which targeted two election or political party websites. The attack continued on June 6. Attacks on one website peaked on June 5 at 14:00 UTC (16:00 local time) with 115 million requests per hour, with the attack lasting around four hours. Attacks on another politically-related website peaked at the same time at 65 million requests per hour.

On June 6, the first politically-related site with the highest peak on June 5 referenced above was attacked again for several hours. The main attack peak occurred at 11:00 UTC (13:00 local time), with 44 million requests per hour.

The main June 5 DDoS attack on one of the websites peaked at 14:13 UTC (16:13 local time), reaching 73,000 requests per second (rps) in an attack that lasted for a few hours. This attack is illustrated by the blue line in the graph below, which shows that it ramped slowly over the first half of the day, and then appeared to abruptly stop at 18:06. And on June 6, the main attack on the second website peaked at 11:01 UTC (13:01 local time) with 52,000 rps.

Geopolitical motivations

Elections, geopolitical changes, and disputes also impact the online world and cyberattacks. Our DDoS threat report for Q1 2024 gives a few recent examples. One notable case was the 466% surge in DDoS attacks on Sweden after its acceptance into the NATO alliance, mirroring the pattern observed during Finland’s NATO accession in 2023.

As we’ve seen in recent years, real-world conflicts, disputed and highly anticipated elections, and wars are always accompanied by cyberattacks. We reported (1, 2) on an increase in cyberattacks following the start of the Israel-Hamas war on October 7, 2023. We’ve put together a list of recommendations to optimize your defenses against DDoS attacks, and you can also follow our step-by-step wizards to secure your applications and prevent DDoS attacks.

If you want to follow more trends and insights about the Internet and elections in particular, you can check Cloudflare Radar, and more specifically our new 2024 Elections Insights report, that we’re keeping up to date as national elections take place throughout the year.

European Union elections 2024: securing democratic processes in light of new threats

Post Syndicated from Petra Arts original https://blog.cloudflare.com/eu-elections-2024


Between June 6-9 2024, hundreds of millions of European Union (EU) citizens will be voting to elect their members of the European Parliament (MEPs). The European elections, held every five years, are one of the biggest democratic exercises in the world. Voters in each of the 27 EU countries will elect a different number of MEPs according to population size and based on a proportional system, and the 720 newly elected MEPs will take their seats in July. All EU member states have different election processes, institutions, and methods, and the security risks are significant, both in terms of cyber attacks but also with regard to influencing voters through disinformation. This makes the task of securing the European elections a particularly complex one, which requires collaboration between many different institutions and stakeholders, including the private sector. Cloudflare is well positioned to support governments and political campaigns in managing large-scale cyber attacks. We have also helped election entities around the world by providing tools and expertise to protect them from attack. Moreover, through the Athenian Project, Cloudflare works with state and local governments in the United States, as well as governments around the world through international nonprofit partners, to provide Cloudflare’s highest level of protection for free to ensure that constituents have access to reliable election information.

Election security in 2024: dealing with new and upcoming threats

Ensuring a free, fair, and open electoral process and securing candidate campaigns is understandably a top priority for the EU institutions, as well as for national governments and cybersecurity agencies across the EU. European authorities have already taken a number of measures to ensure the elections are well-protected. Efforts to coordinate election security measures amongst the EU countries are led by the NIS Cooperation Group, with the support of the EU Agency for Cybersecurity (ENISA), the European Commission, and the European External Action Service (the EU’s foreign service).

The NIS Cooperation Group recently issued an updated Compendium on safeguarding the elections amidst cybersecurity challenges, noting that “since the last EU elections in 2019, the elections threat landscape has evolved significantly”. Governments note in particular the impact of Artificial Intelligence (AI), including deep fakes, but also the increased sophistication of threat actors and the trend of “hacktivists-for-hire” as new risks that need to be taken into account. European institutions also highlight today’s geopolitical context, with conflicts in Ukraine and the Middle East impacting cyber threats and foreign influence campaigns in Europe. The European External Action Service analyzed cases of FIMI (Foreign Information Manipulation and Interference) during recent national elections in Spain and Poland, and put together suggested plans for governments on how to respond to the various stages of those FIMI campaigns originating from foreign (e.g. non-EU) actors. EU High Representative for Foreign Affairs Josep Borrell said in a recent blog post that protecting the election process and more broadly European public debate from malign foreign actors “is a security challenge, which we need to tackle seriously”.

Some national governments have also warned against the risks of so-called hybrid threats, whereby foreign governments deploy various methods to exert influence on other states, including disinformation campaigns, cyberattacks and espionage. Germany’s Federal Ministry of the Interior notes that “elections are often a catalyst for increased levels of illegitimate activity by foreign governments, because stoking fear and spreading hate can contribute to the polarization of society, influencing voting habits. (…) We must make a determined effort to counter these threats.”

EU readiness for election season

As part of national and EU-level coordination amongst governments and agencies to prepare to mitigate threats and risks to the European elections, ENISA supports national governments’ measures to ensure the elections will be secure, including by organizing a cybersecurity exercise to test the various crisis plans and responses to potential attacks by national and EU level agencies and governments. ENISA has also put together a checklist for authorities in order to raise awareness on specific risks and threats to the election process.

The European Union has also prepared for other phenomena endangering the security and integrity of the election process, including the spread of disinformation via online platforms. For example, the European Commission recently issued strict guidelines for “Very Large Online Platforms” (VLOPs) and “Very Large Search Engines” (VLOSEs) under the EU Digital Services Act on measures to mitigate systemic risks online that may impact the integrity of elections. These large companies will be required to have dedicated staff to monitor for disinformation threats in the 23 official EU languages across the 27 member states, collaborating closely with European cybersecurity authorities. In addition, in line with upcoming EU legislation on transparency of political advertising, political ads on large social media platforms should be clearly labeled as such.

In its 11th EU Threat Landscape report, published in 2023, ENISA also warned about the risks associated with the rise of AI-enabled information manipulation, including the disruptive impacts of AI chatbots. The European Commission, in its efforts to fight the proliferation of deep fakes and sophisticated voter manipulation tactics through advanced generative AI systems, recently launched inquiries into major AI developers and promoted industry pledges in the context of the EU AI Pact.

The view from Cloudflare: increases in cyber attacks around elections

It is likely that the EU is going to see a trend similar to many other jurisdictions where there have been increases in cyber threats targeting election entities. In the period between November 2022 and August 2023, Cloudflare mitigated 213.78 million threats to government election websites in the United States. That amounts to 703,223 threats mitigated per day on average. There is indeed already evidence that European institutions are subject to increasing attacks.

In November 2023, the European Parliament website was subject to a large cyber attack. And in March 2024, French government websites faced attacks of “unprecedented intensity,” according to a spokesperson. A few days before the attacks, on February 25, 2024, Cloudflare blocked a significant DDoS attack on a French government website. It reached as much as 420 million requests per hour and lasted for over three hours.

The UK government warned last year that there were “sustained” cyberattacks against civil society organizations, journalists and public sector groups, as well as phishing attempts directed at British politicians. Most recently, the IT infrastructure of German political party CDU was hit by a “serious cyberattack” according to the German Interior Ministry.

We have also seen that the magnitude of cyber attacks overall is growing every year. As outlined in Cloudflare’s latest DDoS threat report, published in Q1 2024, Cloudflare’s defense systems automatically mitigated 4.5 million DDoS attacks during that first quarter, representing a 50% year-over-year (YoY) increase. EU governments noted in their 2024 Compendium on safeguarding the elections that DDoS attacks “can still be very effective in undermining the public’s trust in the electoral process, especially if affecting its most critical and visible phases – that is the transmission, aggregation and display of voting results”.

However, it is not only an increase in the size of attacks on websites that is keeping election officials up at night. There are often multiple attack vectors that need to be taken into account, and ensuring election processes and public institutions remain secure is a very complicated task. For example, in the three months leading up to the 2022 U.S. midterm elections, Cloudflare prevented around 150,000 phishing emails targeting campaign officials. ENISA’s latest EU Threat Landscape report, when discussing phishing campaigns, pointed to the risks of AI applied to social engineering (e.g. used for crafting more convincing phishing messages), which can make phishing less costly, easier to scale-up, and more effective. These developments all show how securing voter registration systems, ensuring the integrity of election-related information, and planning effective incident response are necessary as online threats grow more and more sophisticated.

Securing the democratic process in the digital age requires partnerships between governments, civil society, and the private sector. Cloudflare has helped election entities around the world by providing tools and expertise to protect themselves from cyberattack. For example, in 2020, we partnered with the International Foundation for Electoral Systems to provide Enterprise-level services to six election management bodies, including the Central Election Commission of Kosovo, State Election Commission of North Macedonia, and many local election bodies in Canada.

Impact on Internet traffic

Cloudflare’s global network, which spans more than 120 countries and protects around 20% of all websites, allows us a unique view of the trends and patterns seen in Internet traffic. Some of those trends, including traffic, connection quality, and Internet outages, can be seen in our Internet insights platform, Cloudflare Radar.

Several of these trends are especially important to watch during election season. Upon deeper analysis, we observed spikes in traffic to websites related to elections, and to news websites, during this time. From data obtained in 2023 through an analysis of US state and local government websites protected under the Athenian Project, as well as US nonprofit organizations that work in voting rights and promoting democracy under Project Galileo, and political campaigns and parties under Cloudflare for Campaigns, Cloudflare observed an increase in traffic to US election and non-profit websites during the run-up to elections, and then a significant spike on election day as seen in the graphs below.

Cloudflare observed similar patterns for election information websites and news media during the first day of the 2022 French Presidential elections and during the Presidential elections in Brazil that same year.

DNS traffic to election domains observed through Cloudflare’s 1.1.1.1 resolver in April 2022, during the first round of the French Presidential elections

Coordinated efforts are key

The protection of election entities and related organizations and institutions is a huge and complex task. As noted, this requires partnerships and collaboration between different actors, both public and private, with specific expertise. The work done by EU governments and agencies to prepare, be ready and collaborate on election security precautions as outlined above is both welcome and necessary in order to ensure free, fair and above all secure elections. This can only ever be a coordinated effort, with both governments and industry working together to ensure a robust response to any threats to the democratic process. For its part, Cloudflare is protecting a number of governmental and political campaign websites across the EU.

We want to ensure that all groups working to promote democracy around the world have the tools they need to stay secure online. If you work in the election space and need our help, please get in touch. If you are an organization looking for protection under Project Galileo, please visit our website at cloudflare.com/galileo.

More information about the European Union elections can be found here. And if you are based in the EU, do not forget to vote!

AWS plans to invest €7.8B into the AWS European Sovereign Cloud, set to launch by the end of 2025

Post Syndicated from Max Peterson original https://aws.amazon.com/blogs/security/aws-plans-to-invest-e7-8b-into-the-aws-european-sovereign-cloud-set-to-launch-by-the-end-of-2025/

English | German

Amazon Web Services (AWS) continues to believe it’s essential that our customers have control over their data and choices for how they secure and manage that data in the cloud. AWS gives customers the flexibility to choose how and where they want to run their workloads, including a proven track record of innovation to support specialized workloads around the world. While many customers are able to meet their stringent security, sovereignty, and privacy requirements using our existing sovereign-by-design AWS Regions, we know there’s not a one-size-fits-all solution. AWS continues to innovate based on the criteria we know are most important to our customers to give them more choice and more control. Last year we announced the AWS European Sovereign Cloud, a new independent cloud for Europe, designed to give public sector organizations and customers in highly regulated industries further choice to meet their unique sovereignty needs. Today, we’re excited to share more details about the AWS European Sovereign Cloud roadmap so that customers and partners can start planning. The AWS European Sovereign Cloud is planning to launch its first AWS Region in the State of Brandenburg, Germany by the end of 2025. Available to all AWS customers, this effort is backed by a €7.8B investment in infrastructure, jobs creation, and skills development.

The AWS European Sovereign Cloud will utilize the full power of AWS with the same familiar architecture, expansive service portfolio, and APIs that customers use today. This means that customers using the AWS European Sovereign Cloud will get the benefits of AWS infrastructure including industry-leading security, availability, performance, and resilience. We offer a broad set of services, including a full suite of databases, compute, storage, analytics, machine learning and AI, networking, mobile, developer tools, IoT, security, and enterprise applications. Today, customers can start building applications in any existing Region and simply move them to the AWS European Sovereign Cloud when the first Region launches in 2025. Partners in the AWS Partner Network, which features more than 130,000 partners, already provide a range of offerings in our existing AWS Regions to help customers meet requirements and will now be able to seamlessly deploy applications on the AWS European Sovereign Cloud.

More control, more choice

Like our existing Regions, the AWS European Sovereign Cloud will be powered by the AWS Nitro System. The Nitro System is an unparalleled computing backbone for AWS, with security and performance at its core. Its specialized hardware and associated firmware are designed to enforce restrictions so that nobody, including anyone in AWS, can access customer workloads or data running on Amazon Elastic Compute Cloud (Amazon EC2) Nitro based instances. The design of the Nitro System has been validated by the NCC Group, an independent cybersecurity firm. The controls that help prevent operator access are so fundamental to the Nitro System that we’ve added them in our AWS Service Terms to provide an additional contractual assurance to all of our customers.

To date, we have launched 33 Regions around the globe with our secure and sovereign-by-design approach. Customers come to AWS because they want to migrate to and build on a secure cloud foundation. Customers who need to comply with European data residency requirements have the choice to deploy their data to any of our eight existing Regions in Europe (Ireland, Frankfurt, London, Paris, Stockholm, Milan, Zurich, and Spain) to keep their data securely in Europe.

For customers who need to meet additional stringent operational autonomy and data residency requirements within the European Union (EU), the AWS European Sovereign Cloud will be available as another option, with infrastructure wholly located within the EU and operated independently from existing Regions. The AWS European Sovereign Cloud will allow customers to keep all customer data and the metadata they create (such as the roles, permissions, resource labels, and configurations they use to run AWS) in the EU. Customers who need options to address stringent isolation and in-country data residency needs will be able to use AWS Dedicated Local Zones or AWS Outposts to deploy AWS European Sovereign Cloud infrastructure in locations they select. We continue to work with our customers and partners to shape the AWS European Sovereign Cloud, applying learnings from our engagements with European regulators and national cybersecurity authorities.

Continued investment in Europe

Over the last 25 years, we’ve driven economic development through our investment in infrastructure, jobs, and skills in communities and countries across Europe. Since 2010, Amazon has invested more than €150 billion in the EU, and we’re proud to employ more than 150,000 people in permanent roles across the European Single Market.

AWS now plans to invest €7.8 billion in the AWS European Sovereign Cloud by 2040, building on our long-term commitment to Europe and ongoing support of the region’s sovereignty needs. This long-term investment is expected to lead to a ripple effect in the local cloud community through accelerating productivity gains, empowering the digital transformation of businesses, empowering the AWS Partner Network (APN), upskilling the cloud and digital workforce, developing renewable energy projects, and creating a positive impact in the communities where AWS operates. In total, the AWS planned investment is estimated to contribute €17.2 billion to Germany’s total Gross Domestic Product (GDP) through 2040, and support an average 2,800 full-time equivalent jobs in local German businesses each year. These positions, including construction, facility maintenance, engineering, telecommunications, and other jobs within the broader local economy, are part of the AWS data center supply chain.

In addition, AWS is also creating new highly skilled permanent roles to build and operate the AWS European Sovereign Cloud. These jobs will include software engineers, systems developers, and solutions architects. This is part of our commitment that all day-to-day operations of the AWS European Sovereign Cloud will be controlled exclusively by personnel located in the EU, including access to data centers, technical support, and customer service.

In Germany, we also collaborate with local communities on long-term, innovative programs that will have a lasting impact in the areas where our infrastructure is located. This includes developing cloud workforce and education initiatives for learners of all ages, helping to solve for the skills gap and prepare for the tech jobs of the future. For example, last year AWS partnered with Siemens AG to design the first apprenticeship program for AWS data centers in Germany, launched the first national cloud computing certification with the German Chamber of Commerce (DIHK), and established the AWS Skills to Jobs Tech Alliance in Germany. We will work closely with local partners to roll out these skills programs and make sure they are tailored to regional needs.

“High performing, reliable, and secure infrastructure is the most important prerequisite for an increasingly digitalized economy and society. Brandenburg is making progress here. In recent years, we have set on a course to invest in modern and sustainable data center infrastructure in our state, strengthening Brandenburg as a business location. State-of-the-art data centers for secure cloud computing are the basis for a strong digital economy. I am pleased Amazon Web Services (AWS) has chosen Brandenburg for a long-term investment in its cloud computing infrastructure for the AWS European Sovereign Cloud.”

Brandenburg’s Minister of Economic Affairs, Prof. Dr. Jörg Steinbach

Build confidently with AWS

For customers that are early in their cloud adoption journey and are considering the AWS European Sovereign Cloud, we provide a wide range of resources to help adopt the cloud effectively. From lifting and shifting workloads to migrating entire data centers, customers get the organizational, operational, and technical capabilities needed for a successful migration to AWS. For example, we offer the AWS Cloud Adoption Framework (AWS CAF) to provide best practices for organizations to develop an efficient and effective plan for cloud adoption, and AWS Migration Hub to help assess migration needs, define migration and modernization strategy, and leverage automation. We frequently host AWS events, webinars, and workshops focused on cloud adoption and migration strategies, where customers can learn from AWS experts and connect with other customers and partners.

We’re committed to giving customers more control and more choice to help meet their unique digital sovereignty needs, without compromising on the full power of AWS. The AWS European Sovereign Cloud is a testament to this. To help customers and partners continue to plan and build, we will share additional updates as we drive towards launch. You can discover more about the AWS European Sovereign Cloud on our European Digital Sovereignty website.

 
If you have feedback about this post, submit comments in the Comments section below. If you have questions about this post, contact AWS Support.

Want more AWS Security news? Follow us on X.
 


German version

AWS European Sovereign Cloud bis Ende 2025: AWS plant Investitionen in Höhe von 7,8 Milliarden Euro

Amazon Web Services (AWS) ist davon überzeugt, dass es für Kunden von essentieller Bedeutung ist, die Kontrolle über ihre Daten und Auswahlmöglichkeiten zu haben, wie sie diese Daten in der Cloud sichern und verwalten. Daher können Kunden flexibel wählen, wie und wo sie ihre Workloads ausführen. Dazu gehört auch eine langjährige Erfolgsbilanz von Innovationen zur Unterstützung spezialisierter Workloads auf der ganzen Welt. Viele Kunden können bereits ihre strengen Sicherheits-, Souveränitäts- und Datenschutzanforderungen mit unseren AWS-Regionen unter dem „sovereign-by-design“-Ansatz erfüllen. Aber wir wissen ebenso: Es gibt keine Einheitslösung für alle. Daher arbeitet AWS kontinuierlich an Innovationen, die auf jenen Kriterien basieren, die für unsere Kunden am wichtigsten sind und ihnen mehr Auswahl sowie Kontrolle bieten. Vor diesem Hintergrund haben wir letztes Jahr die AWS European Sovereign Cloud angekündigt. Mit ihr entsteht eine neue, unabhängige Cloud für Europa. Sie soll Organisationen des öffentlichen Sektors und Kunden in stark regulierten Branchen dabei helfen, die sich wandelnden Anforderungen an die digitale Souveränität zu erfüllen.

Heute freuen wir uns, dass wir weitere Details über die Roadmap der AWS European Sovereign Cloud bekanntgeben können. So können unsere Kunden und Partner mit ihren weiteren Planungen beginnen. Der Start der ersten Region der AWS European Sovereign Cloud ist in Brandenburg bis zum Jahresende 2025 geplant. Dieses Angebot steht allen AWS-Kunden zur Verfügung und wird von einer Investition in Höhe von 7,8 Milliarden Euro in die Infrastruktur, Arbeitsplatzschaffung und Kompetenzentwicklung unterstützt.

Die AWS European Cloud in Brandenburg bietet die volle Leistungsfähigkeit, mit der bekannten Architektur, dem umfangreichen Angebot an Services und denselben APIs, die Millionen von Kunden bereits kennen. Das bedeutet: Kunden der AWS European Sovereign Cloud profitieren somit bei voller Unabhängigkeit von den bekannten Vorteilen der AWS-Infrastruktur, einschließlich der branchenführenden Sicherheit, Verfügbarkeit, Leistung und Resilienz.

AWS-Kunden haben Zugriff auf ein breites Spektrum an Services – darunter ein umfangreiches Angebot bestehend aus Datenbanken, Datenverarbeitung, Datenspeicherung, Analytics, maschinellem Lernen (ML) und künstlicher Intelligenz (KI), Netzwerken, mobilen Applikationen, Entwickler-Tools, Internet of Things (IoT), Sicherheit und Unternehmensanwendungen. Bereits heute können Kunden Anwendungen in jeder bestehenden Region entwickeln und diese einfach in die AWS European Sovereign Cloud auslagern, sobald die erste AWS-Region 2025 startet. Die Partner im AWS-Partnernetzwerks (APN), das mehr als 130.000 Partner umfasst, bietet bereits eine Reihe von Angeboten in den bestehenden AWS-Regionen an. Dadurch unterstützen sie Kunden dabei, ihre Anforderungen zu erfüllen und Anwendungen einfach in der AWS European Sovereign Cloud bereitzustellen.

Mehr Kontrolle, größere Auswahl

Die AWS European Sovereign Cloud nutzt wie auch unsere bestehenden Regionen das AWS Nitro System. Dabei handelt es sich um einen Computing-Backbone für AWS, bei dem Sicherheit und Leistung im Mittelpunkt stehen. Die spezialisierte Hardware und zugehörige Firmware sind so konzipiert, dass strikte Beschränkungen gelten und niemand, auch nicht AWS selbst, auf die Workloads oder Daten von Kunden zugreifen kann, die auf Amazon Elastic Compute Cloud (Amazon EC2) Nitro-basierten Instanzen laufen. Dieses Design wurde von der NCC Group validiert, einem unabhängigen Unternehmen für Cybersicherheit. Die Kontrollen, die den Zugriff durch Betreiber verhindern, sind grundlegend für das Nitro System. Daher haben wir sie in unsere AWS Service Terms aufgenommen, um allen unseren Kunden diese zusätzliche vertragliche Zusicherung zu geben.

Bis heute haben wir 33 Regionen rund um den Globus mit unserem sicheren und „sovereign-by-design“-Ansatz gestartet. Unsere Kunden nutzen AWS, weil sie auf einer sicheren Cloud-Umgebung migrieren und aufbauen möchten. Für Kunden, die europäische Anforderungen an den Ort der Datenverarbeitung erfüllen müssen, bietet AWS die Möglichkeit, ihre Daten in einer unserer acht bestehenden Regionen in Europa zu verarbeiten: Irland, Frankfurt, London, Paris, Stockholm, Mailand, Zürich und Spanien. So können sie ihre Daten sicher innerhalb Europas halten.

Müssen Kunden zusätzliche Anforderungen an die betriebliche Autonomie und den Ort der Datenverarbeitung innerhalb der Europäischen Union erfüllen, steht die AWS European Sovereign Cloud als weitere Option zur Verfügung. Die Infrastruktur hierfür ist vollständig in der EU angesiedelt und wird unabhängig von den bestehenden Regionen betrieben. Sie ermöglicht es AWS-Kunden, ihre Kundeninhalte und von ihnen erstellten Metadaten in der EU zu behalten – etwa Rollen, Berechtigungen, Ressourcenbezeichnungen und Konfigurationen für den Betrieb von AWS.

Sollten Kunden weitere Optionen benötigen, um eine Isolierung zu ermöglichen und strenge Anforderungen an den Ort der Datenverarbeitung in einem bestimmten Land zu erfüllen, können sie auf AWS Dedicated Local Zones oder AWS Outposts zurückgreifen. Auf diese Weise können sie die Infrastruktur der AWS European Sovereign Cloud am Ort ihrer Wahl einsetzen. Wir arbeiten mit unseren Kunden und Partnern kontinuierlich daran, die AWS European Sovereign Cloud so zu gestalten, dass sie den benötigten Anforderungen entspricht. Dabei nutzen wir auch Feedback aus unseren Gesprächen mit europäischen Regulierungsbehörden und nationalen Cybersicherheitsbehörden.

„Eine funktionierende, verlässliche und sichere Infrastruktur ist die wichtigste Vorrausetzung für eine zunehmend digitalisierte Wirtschaft und Gesellschaft. Brandenburg schreitet hier voran. Wir haben in den vergangenen Jahren entscheidende Weichen gestellt, um Investitionen in eine moderne und nachhaltige Rechenzentruminfrastruktur in unserem Land auszubauen und so den Wirtschaftsstandort Brandenburg zu stärken. Hochmoderne Rechenzentren für sicheres Cloud-Computing sind die Basis für eine digitale Wirtschaft. Für unsere digitale Souveränität ist es wichtig, dass Rechenleistungen vor Ort in Deutschland erbracht werden. Ich freue mich, dass Amazon Web Services Brandenburg für ein langfristiges Investment in ihre Cloud-Computing-Infrastruktur für die AWS European Sovereign Cloud ausgewählt hat.“

sagt Brandenburgs Wirtschaftsminister Prof. Dr.-Ing. Jörg Steinbach

Kontinuierliche Investitionen in Europa

Im Laufe der vergangenen 25 Jahre haben wir die wirtschaftliche Entwicklung in europäischen Ländern und Gemeinden vorangetrieben und in Infrastruktur, Arbeitsplätze sowie den Ausbau von Kompetenzen investiert. Seit 2010 hat Amazon über 150 Milliarden Euro in der Europäischen Union investiert und wir sind stolz darauf, im gesamten europäischen Binnenmarkt mehr als 150.000 Menschen in Festanstellung zu beschäftigen.

AWS plant bis zum Jahr 2040 7,8 Milliarden Euro in die AWS European Sovereign Cloud zu investieren. Diese Investition ist Teil der langfristigen Bestrebungen von AWS, das europäische Bedürfnis nach digitaler Souveränität zu unterstützen. Mit dieser langfristigen Investition löst AWS einen Multiplikatoreffekt für Cloud-Computing in Europa aus. Sie wird die digitale Transformation der Verwaltung und von Unternehmen vorantreiben, das AWS Partner Network (APN) stärken, die Zahl der Cloud- und Digitalfachkräfte erhöhen, erneuerbare Energieprojekte vorantreiben und eine positive Wirkung in den Gemeinden erzielen, in denen AWS präsent ist. Insgesamt wird die geplante AWS-Investition bis 2040 voraussichtlich 17,2 Milliarden Euro zum deutschen Bruttoinlandsprodukt und zur Schaffung von 2.800 Vollzeitstellen bei regionalen Unternehmen beitragen. Diese Arbeitsplätze in den Bereichen Bau, Instandhaltung, Ingenieurwesen, Telekommunikation und der breiteren regionalen Wirtschaft sind Teil der Lieferkette für AWS-Rechenzentren.

Darüber hinaus wird AWS neue Stellen für hochqualifizierte festangestellte Fachkräfte wie Softwareentwickler, Systemingenieure und Lösungsarchitekten schaffen, um die AWS European Sovereign Cloud aufzubauen und zu betreiben. Die Investition in zusätzliches Personal unterstreicht unser Commitment, dass der gesamte Betrieb dieser souveränen Cloud-Umgebung – angefangen bei der Zugangskontrolle zu den Rechenzentren über den technischen Support bis hin zum Kundendienst – ausnahmslos durch Fachkräfte innerhalb der Europäischen Union kontrolliert und gesteuert wird.

In Deutschland arbeitet AWS mit den Beteiligten vor Ort auch an langfristigen und innovativen Programmen zusammen. Diese sollen einen nachhaltigen positiven Einfluss auf die Gemeinden haben, in denen sich die Infrastruktur des Unternehmens befindet. AWS konzentriert sich auf die Entwicklung von Cloud-Fachkräften und Schulungsinitiativen für Lernende aller Altersgruppen. Diese Maßnahmen tragen dazu bei, den Fachkräftemangel zu beheben und sich auf die technischen Berufe der Zukunft vorzubereiten. Im vergangenen Jahr hat AWS beispielsweise gemeinsam mit der Siemens AG das erste Ausbildungsprogramm für AWS-Rechenzentren in Deutschland entwickelt. Ebenso hat das Unternehmen in Kooperation mit dem Deutschen Industrie und Handelstag (DIHK) den bundeseinheitlichen Zertifikatslehrgang zum „Cloud Business Expert“ entwickelt sowie die AWS Skills to Jobs Tech Alliance in Deutschland ins Leben gerufen. AWS wird gemeinsam mit lokalen Partnern daran arbeiten, Ausbildungsprogramme und Fortbildungen anzubieten, die auf die Bedürfnisse vor Ort zugeschnitten sind.

Vertrauensvoll bauen mit AWS

Für Kunden, die sich noch am Anfang ihrer Cloud-Reise befinden und die AWS European Sovereign Cloud in Betracht ziehen, bieten wir eine Vielzahl von Ressourcen an, um den Wechsel in die Cloud effektiv zu gestalten. Egal ob einzelne Workloads verlagert oder ganze Rechenzentren migriert werden sollen – Kunden erhalten von uns die nötigen organisatorischen, operativen und technischen Fähigkeiten für eine erfolgreiche Migration zu AWS. Beispielsweise bieten wir das AWS Cloud Adoption Framework (AWS CAF) an, das Unternehmen bei der Entwicklung eines effizienten und effektiven Cloud-Adoptionsplans mit Best Practices unterstützt. Auch der AWS Migration Hub hilft bei der Bewertung des Migrationsbedarfs, der Definition der Migrations- und Modernisierungsstrategie und der Nutzung von Automatisierung. Darüber hinaus veranstalten wir regelmäßig AWS-Events, Webinare und Workshops rund um die Themen Cloud-Adoption und Migrationsstrategie. Dabei können Kunden von AWS-Experten lernen und sich mit anderen Kunden und Partnern vernetzen.

Wir sind bestrebt, unseren Kunden mehr Kontrolle und weitere Optionen anzubieten, damit diese ihre ganz individuellen Anforderungen an die digitale Souveränität erfüllen können, ohne dabei auf die volle Leistungsfähigkeit von AWS verzichten zu müssen.

Um Kunden und Partnern bei der weiteren Planung und Entwicklung zu unterstützen, werden wir laufend zusätzliche Updates bereitstellen, während wir auf den Start der AWS European Sovereign Cloud hinarbeiten. Mehr über die AWS European Sovereign Cloud erfahren Sie auf unserer Website zur European Digital Sovereignty.

 

Max Peterson

Max Peterson

Max is the Vice President of AWS Sovereign Cloud. He leads efforts to ensure that all AWS customers around the world have the most advanced set of sovereignty controls, privacy safeguards, and security features available in the cloud. Before his current role, Max served as the VP of AWS Worldwide Public Sector (WWPS) and created and led the WWPS International Sales division, with a focus on empowering government, education, healthcare, aerospace and satellite, and nonprofit organizations to drive rapid innovation while meeting evolving compliance, security, and policy requirements. Max has over 30 years of public sector experience and served in other technology leadership roles before joining Amazon. Max has earned both a Bachelor of Arts in Finance and Master of Business Administration in Management Information Systems from the University of Maryland.

All you need to know about the Digital Services Act

Post Syndicated from Petra Arts http://blog.cloudflare.com/author/petra/ original https://blog.cloudflare.com/digital-services-act


February 17th, 2024 marked the entry into force of a landmark piece of European Union (EU) legislation, affecting European users who create and disseminate online content as well as tech companies who act as “intermediaries” on the Internet. I am talking of course about the EU Digital Services Act, or DSA for short. The DSA was first proposed in December 2020, and is meant to update a 20-year-old law called the EU e-commerce Directive, which provides important safeguards and legal certainty for all businesses operating online. The principles of that legal framework, most notably the introduction of EU-wide rules on intermediary liability, are still of major importance today. The DSA is a landmark piece of European legislation because it also sets out, for the first time, enhanced regulatory requirements for (large) digital platforms, thus affecting the entire Internet ecosystem.

At Cloudflare, we are supportive of the longstanding legal frameworks both in Europe and other parts of the world that protect Internet companies from liability for the content that is uploaded or sent through their networks by their users, subscribers or customers. These frameworks are indispensable for the growth of online services, and have been essential in the growth of online applications, marketplaces and social networks.

What’s the Digital Services Act all about?

The EU Digital Services Act consists of two main parts: First, the DSA maintains the strong liability protections for intermediary services that have existed in Europe for over 20 years, and modernizes them, including by giving explicit recognition of supporting Internet services. Services which perform important roles in the functioning of the Internet, such as CDNs, reverse proxies and technical services at the DNS level were not explicitly mentioned in the EU e-commerce Directive at the time. The DSA, in recital 28, recognises that those services, along with many others, are part of the fundamental fabric of the Internet and deserve protection against liability for any illegal or infringing content. This marks an important clarification milestone in EU law.

Secondly, the DSA establishes varying degrees of due diligence and transparency obligations for intermediary services that offer services in the EU. The DSA follows a ‘staggered’ or ‘cumulative’ approach to those obligations and the different services it applies to. This ranges from a number of detailed obligations for the largest platforms (so-called “Very Large Online Platforms” or VLOPs, such as the Apple App Store, Facebook, TikTok, and YouTube), down to less extensive but still impactful rules for smaller platforms, hosting services and Internet intermediaries. What is really important to note with regard to the different service providers that are impacted is that the DSA clearly distinguishes between (technical) intermediary services, “mere” hosting services, and “online platforms”, with the latter category having a number of additional obligations under the new law. Online platform services are considered as hosting services which store information at the request of the recipients of the service, with the important additional role of also disseminating that information to the public.

This proportionate approach is in line with Cloudflare’s view of the Internet stack and the idea that infrastructure services are distinct from social media and search services that are designed to curate and recommend Internet content. This principle of a targeted, proportionate response to the matter is also embedded in the DSA itself. Recital 27 states that “(…) any requests or orders for [such] involvement should, as a general rule, be directed to the specific provider that has the technical and operational ability to act against specific items of illegal content, so as to prevent and minimise (sic) any possible negative effects on the availability and accessibility of information that is not illegal content”. This is an important provision, as principles of proportionality, freedom of speech, and access to information should be safeguarded at all times when it relates to online content.

What do the new rules mean for Cloudflare?

As a provider of intermediary services, Cloudflare has engaged with European policymakers on the topic of intermediary liability for a number of years. From the start of the legislative process on the proposed DSA in 2020 we have contributed extensively to public consultations, and have shared our views on the proposed DSA with lawmakers in Brussels.

In many ways, the final version of the law reflects our existing practices. We have long taken the position, for example, that our intermediary services should have different rules than our hosting services, as is anticipated under the DSA. We have taken a few additional measures to ensure compliance with DSA requirements. For instance, we’ve announced a new legal representative in the EU and point of contact for the purposes of the DSA.

Cloudflare has strongly believed in transparency reporting for a long time, and we have issued transparency reports twice a year since 2013. We recognize that the DSA includes some new requirements around transparency reporting, some of which match with our current reports and processes, and others that do not. We will be revising our transparency reporting, to reflect the DSA’s requirements, beyond our existing documentation. We have also taken steps to confirm that our limited hosting services comply with DSA requirements.

The EU Digital Services Act, because of its enhanced regulatory requirements for (large) digital platforms, represents a significant change to the Internet ecosystem. Cloudflare feels nonetheless well-prepared to address the different requirements that came into force on February 17, 2024, and we look forward to having positive and constructive conversations with relevant European regulators as they start to work on the enforcement of the new law.

Reflecting on the GDPR to celebrate Privacy Day 2024

Post Syndicated from Emily Hancock http://blog.cloudflare.com/author/emily-hancock/ original https://blog.cloudflare.com/reflecting-on-the-gdpr-to-celebrate-privacy-day-2024


Just in time for Data Privacy Day 2024 on January 28, the EU Commission is calling for evidence to understand how the EU’s General Data Protection Regulation (GDPR) has been functioning now that we’re nearing the 6th anniversary of the regulation coming into force.

We’re so glad they asked, because we have some thoughts. And what better way to celebrate privacy day than by discussing whether the application of the GDPR has actually done anything to improve people’s privacy?

The answer is, mostly yes, but in a couple of significant ways – no.

Overall, the GDPR is rightly seen as the global gold standard for privacy protection. It has served as a model for what data protection practices should look like globally, it enshrines data subject rights that have been copied across jurisdictions, and when it took effect, it created a standard for the kinds of privacy protections people worldwide should be able to expect and demand from the entities that handle their personal data. On balance, the GDPR has definitely moved the needle in the right direction for giving people more control over their personal data and in protecting their privacy.

In a couple of key areas, however, we believe the way the GDPR has been applied to data flowing across the Internet has done nothing for privacy and in fact may even jeopardize the protection of personal data. The first area where we see this is with respect to cross-border data transfers. Location has become a proxy for privacy in the minds of many EU data protection regulators, and we think that is the wrong result. The second area is an overly broad interpretation of what constitutes “personal data” by some regulators with respect to Internet Protocol or “IP” addresses. We contend that IP addresses should not always count as personal data, especially when the entities handling IP addresses have no ability on their own to tie those IP addresses to individuals. This is important because the ability to implement a number of industry-leading cybersecurity measures relies on the ability to do threat intelligence on Internet traffic metadata, including IP addresses.  

Location should not be a proxy for privacy

Fundamentally, good data security and privacy practices should be able to protect personal data regardless of where that processing or storage occurs. Nevertheless, the GDPR is based on the idea that legal protections should attach to personal data based on the location of the data – where it is generated, processed, or stored. Articles 44 to 49 establish the conditions that must be in place in order for data to be transferred to a jurisdiction outside the EU, with the idea that even if the data is in a different location, the privacy protections established by the GDPR should follow the data. No doubt this approach was influenced by political developments around government surveillance practices, such as the revelations in 2013 of secret documents describing the relationship between the US NSA (and its Five Eyes partners) and large Internet companies, and that intelligence agencies were scooping up data from choke points on the Internet. And once the GDPR took effect, many data regulators in the EU were of the view that as a result of the GDPR’s restrictions on cross-border data transfers, European personal data simply could not be processed in the United States in a way that would be consistent with the GDPR.

This issue came to a head in July 2020, when the European Court of Justice (CJEU), in its “Schrems II” decision1, invalidated the EU-US Privacy Shield adequacy standard and questioned the suitability of the EU standard contractual clauses (a mechanism entities can use to ensure that GDPR protections are applied to EU personal data even if it is processed outside the EU). The ruling in some respects left data protection regulators with little room to maneuver on questions of transatlantic data flows. But while some regulators were able to view the Schrems II ruling in a way that would still allow for EU personal data to be processed in the United States, other data protection regulators saw the decision as an opportunity to double down on their view that EU personal data cannot be processed in the US consistent with the GDPR, therefore promoting the misconception that data localization should be a proxy for data protection.

In fact, we would argue that the opposite is the case. From our own experience and according to recent research2, we know that data localization threatens an organization’s ability to achieve integrated management of cybersecurity risk and limits an entity’s ability to employ state-of-the-art cybersecurity measures that rely on cross-border data transfers to make them as effective as possible. For example, Cloudflare’s Bot Management product only increases in accuracy with continued use on the global network: it detects and blocks traffic coming from likely bots before feeding back learnings to the models backing the product. A diversity of signal and scale of data on a global platform is critical to help us continue to evolve our bot detection tools. If the Internet were fragmented – preventing data from one jurisdiction being used in another – more and more signals would be missed. We wouldn’t be able to apply learnings from bot trends in Asia to bot mitigation efforts in Europe, for example. And if the ability to identify bot traffic is hampered, so is the ability to block those harmful bots from services that process personal data.

The need for industry-leading cybersecurity measures is self-evident, and it is not as if data protection authorities don’t realize this. If you look at any enforcement action brought against an entity that suffered a data breach, you see data protection regulators insisting that the impacted entities implement ever more robust cybersecurity measures in line with the obligation GDPR Article 32 places on data controllers and processors to “develop appropriate technical and organizational measures to ensure a level of security appropriate to the risk”, “taking into account the state of the art”. In addition, data localization undermines information sharing within industry and with government agencies for cybersecurity purposes, which is generally recognized as vital to effective cybersecurity.

In this way, while the GDPR itself lays out a solid framework for securing personal data to ensure its privacy, the application of the GDPR’s cross-border data transfer provisions has twisted and contorted the purpose of the GDPR. It’s a classic example of not being able to see the forest for the trees. If the GDPR is applied in such a way as to elevate the priority of data localization over the priority of keeping data private and secure, then the protection of ordinary people’s data suffers.

Applying data transfer rules to IP addresses could lead to balkanization of the Internet

The other key way in which the application of the GDPR has been detrimental to the actual privacy of personal data is related to the way the term “personal data” has been defined in the Internet context – specifically with respect to Internet Protocol or “IP” addresses. A world where IP addresses are always treated as personal data and therefore subject to the GDPR’s data transfer rules is a world that could come perilously close to requiring a walled-off European Internet. And as noted above, this could have serious consequences for data privacy, not to mention that it likely would cut the EU off from any number of global marketplaces, information exchanges, and social media platforms.

This is a bit of a complicated argument, so let’s break it down. As most of us know, IP addresses are the addressing system for the Internet. When you send a request to a website, send an email, or communicate online in any way, IP addresses connect your request to the destination you’re trying to access. These IP addresses are the key to making sure Internet traffic gets delivered to where it needs to go. As the Internet is a global network, this means it’s entirely possible that Internet traffic – which necessarily contains IP addresses – will cross national borders. Indeed, the destination you are trying to access may well be located in a different jurisdiction altogether. That’s just the way the global Internet works. So far, so good.

But if IP addresses are considered personal data, then they are subject to data transfer restrictions under the GDPR. And with the way those provisions have been applied in recent years, some data regulators were getting perilously close to saying that IP addresses cannot transit jurisdictional boundaries if it meant the data might go to the US. The EU’s recent approval of the EU-US Data Privacy Framework established adequacy for US entities that certify to the framework, so these cross-border data transfers are not currently an issue. But if the Data Privacy Framework were to be invalidated as the EU-US Privacy Shield was in the Schrems II decision, then we could find ourselves in a place where the GDPR is applied to mean that IP addresses ostensibly linked to EU residents can’t be processed in the US, or potentially not even leave the EU.

If this were the case, then providers would have to start developing Europe-only networks to ensure IP addresses never cross jurisdictional boundaries. But how would people in the EU and US communicate if EU IP addresses can’t go to the US? Would EU citizens be restricted from accessing content stored in the US? It’s an application of the GDPR that would lead to the absurd result – one surely not intended by its drafters. And yet, in light of the Schrems II case and the way the GDPR has been applied, here we are.

A possible solution would be to consider that IP addresses are not always “personal data” subject to the GDPR. In 2016 – even before the GDPR took effect – the Court of Justice of the European Union (CJEU) established the view in Breyer v. Bundesrepublik Deutschland that even dynamic IP addresses, which change with every new connection to the Internet, constituted personal data if an entity processing the IP address could link the IP addresses to an individual. While the court’s decision did not say that dynamic IP addresses are always personal data under European data protection law, that’s exactly what EU data regulators took from the decision, without considering whether an entity actually has a way to tie the IP address to a real person3.

The question of when an identifier qualifies as “personal data” is again before the CJEU: In April 2023, the lower EU General Court ruled in SRB v EDPS4 that transmitted data can be considered anonymised and therefore not personal data if the data recipient does not have any additional information reasonably likely to allow it to re-identify the data subjects and has no legal means available to access such information. The appellant – the European Data Protection Supervisor (EDPS) – disagrees. The EDPS, who mainly oversees the privacy compliance of EU institutions and bodies, is appealing the decision and arguing that a unique identifier should qualify as personal data if that identifier could ever be linked to an individual, regardless of whether the entity holding the identifier actually had the means to make such a link.

If the lower court’s common-sense ruling holds, one could argue that IP addresses are not personal data when those IP addresses are processed by entities like Cloudflare, which have no means of connecting an IP address to an individual. If IP addresses are then not always personal data, then IP addresses will not always be subject to the GDPR’s rules on cross-border data transfers.

Although it may seem counterintuitive, having a standard whereby an IP address is not necessarily “personal data” would actually be a positive development for privacy. If IP addresses can flow freely across the Internet, then entities in the EU can use non-EU cybersecurity providers to help them secure their personal data. Advanced Machine Learning/predictive AI techniques that look at IP addresses to protect against DDoS attacks, prevent bots, or otherwise guard against personal data breaches will be able to draw on attack patterns and threat intelligence from around the world to the benefit of EU entities and residents. But none of these benefits can be realized in a world where IP addresses are always personal data under the GDPR and where the GDPR’s data transfer rules are interpreted to mean IP addresses linked to EU residents can never flow to the United States.

Keeping privacy in focus

On this Data Privacy Day, we urge EU policy makers to look closely at how the GDPR is working in practice, and to take note of the instances where the GDPR is applied in ways that place privacy protections above all other considerations – even appropriate security measures mandated by the GDPR’s Article 32 that take into account the state of the art of technology. When this happens, it can actually be detrimental to privacy. If taken to the extreme, this formulaic approach would not only negatively impact cybersecurity and data protection, but even put into question the functioning of the global Internet infrastructure as a whole, which depends on cross-border data flows. So what can be done to avert this?

First, we believe EU policymakers could adopt guidelines (if not legal clarification) for regulators that IP addresses should not be considered personal data when they cannot be linked by an entity to a real person. Second, policymakers should clarify that the GDPR’s application should be considered with the cybersecurity benefits of data processing in mind. Building on the GDPR’s existing recital 49, which rightly recognizes cybersecurity as a legitimate interest for processing, personal data that needs to be processed outside the EU for cybersecurity purposes should be exempted from GDPR restrictions to international data transfers. This would avoid some of the worst effects of the mindset that currently views data localization as a proxy for data privacy. Such a shift would be a truly pro-privacy application of the GDPR.

1 Case C-311/18, Data Protection Commissioner v Facebook Ireland and Maximillian Schrems.
2 Swire, Peter and Kennedy-Mayo, DeBrae and Bagley, Andrew and Modak, Avani and Krasser, Sven and Bausewein, Christoph, Risks to Cybersecurity from Data Localization, Organized by Techniques, Tactics, and Procedures (2023).
3 Different decisions by the European data protection authorities, namely the Austrian DSB (December 2021), the French CNIL (February 2022) and the Italian Garante (June 2022), while analyzing the use of Google Analytics, have rejected the relative approach used by the Breyer case and considered that an IP address should always be considered as personal data. Only the decision issued by the Spanish AEPD (December 2022) followed the same interpretation of the Breyer case. In addition, see paragraphs 109 and 136 in Guidelines by Supervisory Authorities for Tele-Media Providers, DSK (2021).
4 Single Resolution Board v EDPS, Court of Justice of the European Union, April 2023.

AWS named as a Leader in 2023 ISG Provider Lens report for Multi Public Cloud Services – Sovereign Cloud Infrastructure Services (EU)

Post Syndicated from Marta Taggart original https://aws.amazon.com/blogs/security/aws-named-as-a-leader-in-2023-isg-provider-lens-report-for-multi-public-cloud-services-sovereign-cloud-infrastructure-services-eu/

Amazon Web Services (AWS) is named as a Leader in the 2023 ISG Provider Lens Quadrant Report for Multi Public Cloud Services – Sovereign Cloud Infrastructure Services (EU), published on January 8, 2024. This first-ever Information Services Group (ISG) report evaluates providers of sovereign cloud infrastructure services in the multi public cloud environment and examines how they address the key challenges that confront enterprise clients in the European Union (EU). ISG defines Leaders as representing innovative strength and competitive stability.

AWS received the highest score among the providers that ISG evaluated on portfolio attractiveness, which was assessed on multiple factors, including:

  • Scope of portfolio – breadth and depth of offering
  • Portfolio quality – technology and skills, customer satisfaction, and security
  • Strategy and vision – product roadmap, thought leadership, and investments
  • Local characteristics – product support and infrastructure

According to ISG, “AWS’ network of data centers across the EU provides sovereign cloud services that are highly scalable. The AWS Nitro System, the foundation of AWS’ cloud services, ensures data residency, privacy, and sovereignty.”

Read the report to:

  • Gain perspective on the factors that ISG believes will influence the sovereign cloud market in the EU.
  • Discover some of the considerations that enterprises in the EU should consider when evaluating sovereign cloud infrastructure services.
  • Learn how the AWS Cloud is sovereign-by-design and how we continue to innovate without compromising on the full power of AWS.

The recognition of AWS as a Leader in this report highlights the work that we have undertaken to help address the complexity that European customers are facing in the evolving sovereignty landscape. AWS continues to deliver on the AWS Digital Sovereignty Pledge by investing in a comprehensive and ambitious roadmap of capabilities of data residency, granular access restriction, encryption, and resilience to provide customers with more choice in meeting their unique needs. Our recent innovations to help customers address their local regulatory requirements and sovereignty needs include AWS Dedicated Local Zones and the announcement of plans to launch the AWS European Sovereign Cloud. Download the full 2023 ISG Provider Lens Quadrant Report for Multi Public Cloud Services – Sovereign Cloud Infrastructure Services (EU) from AWS.

If you have feedback about this post, submit comments in the Comments section below.

Author

Marta Taggart

Marta is a Seattle-native and Principal Product Marketing Manager in AWS Security Product Marketing, where she focuses on data protection services and digital sovereignty. Outside of work, you’ll find her trying to convince Jack, her rescue dog, not to chase squirrels (with limited success).

AWS achieves TISAX certification (Information with Very High Protection Needs (AL3)

Post Syndicated from Janice Leung original https://aws.amazon.com/blogs/security/aws-achieves-tisax-certification-information-with-very-high-protection-needs-al3/

We’re excited to announce the completion of the Trusted Information Security Assessment Exchange (TISAX) certification on June 30, 2022 for 19 AWS Regions. These Regions achieved the Information with Very High Protection Needs (AL3) label for the control domains Information Handling and Data Protection. This alignment with TISAX requirements demonstrates our continued commitment to adhere to the heightened expectations for cloud service providers. AWS automotive customers can run their applications in the AWS Cloud certified Regions in confidence.

The following 19 Regions are currently TISAX certified:

  • US East (Ohio)
  • US East (Northern Virginia)
  • US West (Oregon)
  • Africa (Cape Town)
  • Asia Pacific (Hong Kong)
  • Asia Pacific (Mumbai)
  • Asia Pacific (Osaka)
  • Asia Pacific (Korea)
  • Asia Pacific (Singapore)
  • Asia Pacific (Sydney)
  • Asia Pacific (Tokyo)
  • Canada (Central)
  • Europe (Frankfurt)
  • Europe (Ireland)
  • Europe (London)
  • Europe (Milan)
  • Europe (Paris)
  • Europe (Stockholm)
  • South America (Sao Paulo)

TISAX is a European automotive industry-standard information security assessment (ISA) catalog based on key aspects of information security, such as data protection and connection to third parties.

AWS was evaluated and certified by independent third-party auditors on June 30, 2022. The Certificate of Compliance demonstrating the AWS compliance status is available on the European Network Exchange (ENX) Portal (the scope ID and assessment ID are SM22TH and AYA2D4-1, respectively) and through AWS Artifact. AWS Artifact is a self-service portal for on-demand access to AWS compliance reports. Sign in to AWS Artifact in the AWS Management Console, or learn more at Getting Started with AWS Artifact.

For up-to-date information, including when additional Regions are added, see the AWS Compliance Program, and choose TISAX.

AWS strives to continuously bring services into scope of its compliance programs to help you meet your architectural and regulatory needs. Please reach out to your AWS account team if you have questions or feedback about TISAX compliance.

To learn more about our compliance and security programs, see AWS Compliance Programs. As always, we value your feedback and questions; reach out to the AWS Compliance team through the Contact Us page.

If you have feedback about this post, submit comments in the Comments section below.

Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.

Author

Janice Leung

Janice is a security audit program manager at AWS, based in New York. She leads security audits across Europe and has previously worked in security assurance and technology risk management in the financial industry for 10 years.

Introducing the Customer Metadata Boundary

Post Syndicated from Jon Levine original https://blog.cloudflare.com/introducing-the-customer-metadata-boundary/

Introducing the Customer Metadata Boundary

Introducing the Customer Metadata Boundary

Data localisation has gotten a lot of attention in recent years because a number of countries see it as a way of controlling or protecting their citizens’ data. Countries such as Australia, China, India, Brazil, and South Korea have or are currently considering regulations that assert legal sovereignty over their citizens’ personal data in some fashion — health care data must be stored locally; public institutions may only contract with local service providers, etc.

In the EU, the recent “Schrems II” decision resulted in additional requirements for companies that transfer personal data outside the EU. And a number of highly regulated industries require that specific types of personal data stay within the EU’s borders.

Cloudflare is committed to helping our customers keep personal data in the EU. Last year, we introduced the Data Localisation Suite, which gives customers control over where their data is inspected and stored.

Today, we’re excited to introduce the Customer Metadata Boundary, which expands the Data Localisation Suite to ensure that a customer’s end user traffic metadata stays in the EU.

Metadata: a primer

“Metadata” can be a scary term, but it’s a simple concept — it just means “data about data.” In other words, it’s a description of activity that happened on our network. Every service on the Internet collects metadata in some form, and it’s vital to user safety and network availability.

At Cloudflare, we collect metadata about the usage of our products for several purposes:

  • Serving analytics via our dashboards and APIs
  • Sharing logs with customers
  • Stopping security threats such as bot or DDoS attacks
  • Improving the performance of our network
  • Maintaining the reliability and resiliency of our network

What does that collection look like in practice at Cloudflare? Our network consists of dozens of services: our Firewall, Cache, DNS Resolver, DDoS protection systems, Workers runtime, and more. Each service emits structured log messages, which contain fields like timestamps, URLs, usage of Cloudflare features, and the identifier of the customer’s account and zone.

These messages do not contain the contents of customer traffic, and so they do not contain things like usernames, passwords, personal information, and other private details of customers’ end users. However, these logs may contain end-user IP addresses, which is considered personal data in the EU.

Data Localisation in the EU

The EU’s General Data Protection Regulation, or GDPR, is one of the world’s most comprehensive (and well known) data privacy laws. The GDPR does not, however, insist that personal data must stay in Europe. Instead, it provides a number of legal mechanisms to ensure that GDPR-level protections are available for EU personal data if it is transferred outside the EU to a third country like the United States. Data transfers from the EU to the US were, until recently, permitted under an agreement called the EU-U.S. Privacy Shield Framework.

Shortly after the GDPR went into effect, a privacy activist named Max Schrems filed suit against Facebook for their data collection practices. In July 2020, the Court of Justice of the EU issued the “Schrems II” ruling — which, among other things, invalidated the Privacy Shield framework. However, the court upheld other valid transfer mechanisms that ensure EU personal data won’t be accessed by U.S. government authorities in a way that violates the GDPR.

Since the Schrems II decision, many customers have asked us how we’re protecting EU citizens’ data. Fortunately, Cloudflare has had data protection safeguards in place since well before the Schrems II case, such as our industry-leading commitments on government data requests. In response to Schrems II in particular, we updated our customer Data Processing Addendum (DPA). We incorporated the latest Standard Contractual Clauses, which are legal agreements approved by the EU Commission that enable data transfer. We also added additional safeguards as outlined in the EDPB’s June 2021 Recommendations on Supplementary Measures. Finally, Cloudflare’s services are certified under the ISO 27701 standard, which maps to the GDPR’s requirements.

In light of these measures, we believe that our EU customers can use Cloudflare’s services in a manner consistent with GDPR and the Schrems II decision. Still, we recognize that many of our customers want their EU personal data to stay in the EU. For example, some of our customers in industries like healthcare, law, and finance may have additional requirements.  For that reason, we have developed an optional suite of services to address those requirements. We call this our Data Localisation Suite.

How the Data Localisation Suite helps today

Data Localisation is challenging for customers because of the volume and variety of data they handle. When it comes to their Cloudflare traffic, we’ve found that customers are primarily concerned about three areas:

  1. How do I ensure my encryption keys stay in the EU?
  2. How can I ensure that services like caching and WAF only run in the EU?
  3. How can ensure that metadata is never transferred outside the EU?

To address the first concern, Cloudflare has long offered Keyless SSL and Geo Key Manager, which ensure that private SSL/TLS key material never leaves the EU. Keyless SSL ensures that Cloudflare never has possession of the private key material at all; Geo Key Manager uses Keyless SSL under the hood to ensure the keys never leave the specified region.

Last year we addressed the second concern with Regional Services, which ensures that Cloudflare will only be able to decrypt and inspect the content of HTTP traffic inside the EU. In other words, SSL connections will only be terminated in Europe, and all of our layer 7 security and performance services will only run in our EU data centers.

Today, we’re enabling customers to address the third and final concern, and keep metadata local as well.

How the Metadata Boundary Works

The Customer Metadata Boundary ensures, simply, that end user traffic metadata that can identify a customer stays in the EU. This includes all the logs and analytics that a customer sees.

How are we able to do this? All the metadata that can identify a customer flows through a single service at our edge, before being forwarded to one of our core data centers.

When the Metadata Boundary is enabled for a customer, our edge ensures that any log message that identifies that customer (that is, contains that customer’s Account ID) is not sent outside the EU. It will only be sent to our core data center in the EU, and not our core data center in the US.

Introducing the Customer Metadata Boundary

What’s next

Today our Data Localisation Suite is focused on helping our customers in the EU localise data for their inbound HTTP traffic. This includes our Cache, Firewall, DDoS protection, and Bot Management products.

We’ve heard from customers that they want data localisation for more products and more regions. This means making all of our Data Localisation Products, including Geo Key Manager and Regional Services, work globally. We’re also working on expanding the Metadata Boundary to include our Zero Trust products like Cloudflare for Teams. Stay tuned!

New Standard Contractual Clauses now part of the AWS GDPR Data Processing Addendum for customers

Post Syndicated from Stéphane Ducable original https://aws.amazon.com/blogs/security/new-standard-contractual-clauses-now-part-of-the-aws-gdpr-data-processing-addendum-for-customers/

Today, we’re happy to announce an update to our online AWS GDPR Data Processing Addendum (AWS GDPR DPA) and our online Service Terms to include the new Standard Contractual Clauses (SCCs) that the European Commission (EC) adopted in June 2021. The EC-approved SCCs give our customers the ability to comply with the General Data Protection Regulation (GDPR) when they transfer personal data subject to GDPR to countries outside the European Economic Area (EEA) that haven’t received an EC adequacy decision (third countries). The new SCCs are now better adapted to how our customers operate their applications or run their workloads in the cloud, because they cover different transfer scenarios, and also provide enhanced safeguards for data transfers.

Achieving compliance with GDPR is critical for hundreds of thousands of AWS customers and AWS. The new SCCs allow all AWS customers that are controllers or processors under GDPR to continue to transfer personal data from their AWS accounts in compliance with GDPR. As part of the online Service Terms, the new SCCs will apply automatically whenever an AWS customer uses AWS services to transfer customer data to third countries.

The updated AWS GDPR DPA incorporating the new SCCs supplements our announcement in February 2021 of strengthened commitments to protect customer data, such as challenging law enforcement requests that conflict with EU law. We have also published the blog post How AWS is helping EU customers navigate the new normal for data protection, and the whitepaper Navigating Compliance with EU Data Transfer Requirements to help AWS customers conduct their data transfer assessments and comply with GDPR, the Schrems II ruling, and the recommendations issued by the European Data Protection Board. AWS is constantly working to ensure that our customers can enjoy the benefits of AWS everywhere they operate, and we welcome the new SCCs because they enable our customers to continue using AWS services in compliance with GDPR. If you have questions or need more information, visit our EU Data Protection page and our GDPR Center.

Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.

Author

Stéphane Ducable

Stéphane is Vice President of Public Policy – EMEA at AWS. He is focused on increasing awareness of the benefits of adopting cloud computing technology across the EMEA region.

AWS IQ expansion: Connect with Experts and Consulting Firms based in the UK and France

Post Syndicated from Alex Casalboni original https://aws.amazon.com/blogs/aws/aws-iq-expansion-experts-uk-france/

AWS IQ launched in 2019 and has been helping customers worldwide engage thousands of AWS Certified third-party experts and consulting firms for on-demand project work. Whether you need to learn about AWS, plan your project, setup new services, migrate existing applications, or optimize your spend, AWS IQ connects you with experts and consulting firms who can help. You can share your project objectives with a description, receive responses within the AWS IQ application, approve permissions and budget, and will be charged directly through AWS billing.

Until yesterday, experts had to reside in the United States to offer their hands-on help on AWS IQ. Today, I’m happy to announce that AWS Certified experts and consulting firms based in the UK and France can participate in AWS IQ.

If you are an AWS customer based in the UK or France and need to connect with local AWS experts, now you can reach out to a wider pool of experts and consulting firms during European business hours. When creating a new project, you can now indicate a preferred expert location.

As an AWS Certified expert you can now view the buyer’s preferred expert location to ensure the right fit. AWS IQ simplifies finding relevant opportunities and it helps you access a customer’s AWS environment securely. It also takes care of billing so more time is spent on solving customer problems, instead of administrative tasks. Your payments will be disbursed by AWS Marketplace in USD towards a US bank account. If you don’t already have a US bank account, you may be able to obtain one through third-party services such as Hyperwallet.

AWS IQ User Interface Update
When you create a new project request, you can select a Preferred expert or firm location: Anywhere, France, UK, or US.

Check out Jeff Barr’s launch article to learn more about the full request creation process.

You can also work on the same project with multiple experts from different locations.

When browsing experts and firms, you will find their location under the company name and reviews.

Available Today
AWS IQ is available for customers anywhere in the world (except China) for all sorts of project work, delivered by AWS experts in the United States, the United Kingdom, and France. Get started by creating your project request on iq.aws.amazon.com. Here you can discover featured experts or browse experts for a specific service such as Amazon Elastic Compute Cloud (EC2) or DynamoDB.

If you’re interested in getting started as an expert, check out AWS IQ for Experts. Your profile will showcase your AWS Certifications as well as the ratings and reviews from completed projects.

I’m excited about the expansion of AWS IQ for experts based in the UK and France, and I’m looking forward to further expansions in the future.

Alex

How AWS is helping EU customers navigate the new normal for data protection

Post Syndicated from Stephen Schmidt original https://aws.amazon.com/blogs/security/how-aws-is-helping-eu-customers-navigate-the-new-normal-for-data-protection/

Achieving compliance with the European Union’s data protection regulations is critical for hundreds of thousands of Amazon Web Services (AWS) customers. Many of them are subject to the EU’s General Data Protection Regulation (GDPR), which ensures individuals’ fundamental right to privacy and the protection of personal data. In February, we announced strengthened commitments to protect customer data, such as challenging law enforcement requests for customer data that conflict with EU law.

Today, we’re excited to announce that we’ve launched two new online resources to help customers more easily complete data transfer assessments and comply with the GDPR, taking into account the European Data Protection Board (EDPB) recommendations. These resources will also assist AWS customers in other countries to understand whether their use of AWS services involves a data transfer.

Using AWS’s new “Privacy Features for AWS Services,” customers can determine whether their use of an individual AWS service involves the transfer of customer data (the personal data they’ve uploaded to their AWS account). Knowing this information enables customers to choose the right action for their applications, such as opting out of the data transfer or creating an appropriate disclosure of the transfer for end user transparency.

We’re also providing additional information on the processing activities and locations of the limited number of sub-processors that AWS engages to provide services that involve the processing of customer data. AWS engages three types of sub-processors:

  • Local AWS entities that provide the AWS infrastructure.
  • AWS entities that process customer data for specific AWS services.
  • Third parties that AWS contracts with to provide processing activities for specific AWS services.

The enhanced information available on our updated Sub-processors page enables customers to assess if a sub-processor is relevant to their use of AWS services and AWS Regions.

These new resources make it easier for AWS customers to conduct their data transfer assessments as set out in the EDPB recommendations and, as a result, comply with GDPR. After completing their data transfer assessments, customers will also be able to determine whether they need to implement supplemental measures in line with the EDPB’s recommendations.

These resources support our ongoing commitment to giving customers control over where their data is stored, how it’s stored, and who has access to it.

Since we opened our first region in the EU in 2007, customers have been able to choose to store customer data with AWS in the EU. Today, customers can store their data in our AWS Regions in France, Germany, Ireland, Italy, and Sweden, and we’re adding Spain in 2022. AWS will never transfer data outside a customer’s selected AWS Region without the customer’s agreement.

AWS customers control how their data is stored, and we have a variety of tools at their disposal to enhance security. For example, AWS CloudHSM and AWS Key Management Service (AWS KMS) allow customers to encrypt data in transit and at rest and securely generate and manage encryption keys that they control.

Finally, our customers control who can access their data. We never use customer data for marketing or advertising purposes. We also prohibit, and our systems are designed to prevent, remote access by AWS personnel to customer data for any purpose, including service maintenance, unless requested by a customer, required to prevent fraud and abuse, or to comply with the law.

As previously mentioned, we challenge law enforcement requests for customer data from governmental bodies, whether inside or outside the EU, where the request conflicts with EU law, is overbroad, or we otherwise have any appropriate grounds to do so.

Earning customer trust is the foundation of our business at AWS, and we know protecting customer data is key to achieving this. We also know that helping customers protect their data in a world with constantly changing regulations, technology, and risks takes teamwork. We would never expect our customers to go it alone.

As we continue to enhance the capabilities customers have at their fingertips, they can be confident that choosing AWS will ensure they have the tools necessary to help them meet the most stringent security, privacy, and compliance requirements.

If you have questions or need more information, visit our EU Data Protection page.

Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.

Author

Steve Schmidt

Steve is Vice President and Chief Information Security Officer for AWS. His duties include leading product design, management, and engineering development efforts focused on bringing the competitive, economic, and security benefits of cloud computing to business and government customers. Prior to AWS, he had an extensive career at the Federal Bureau of Investigation, where he served as a senior executive and section chief. He currently holds 11 patents in the field of cloud security architecture. Follow Steve on Twitter.

Author

Donna Dodson

Donna is a Senior Principal Scientist at AWS focusing on security and privacy capabilities including cryptography, risk management, standards, and assessments. Before joining AWS, Donna was the Chief Cybersecurity Advisor at the National Institute of Standards and Technology (NIST). She led NIST’s comprehensive cybersecurity research and development to cultivate trust in technology for stakeholders nationally and internationally.

The UEFA EURO 2020 final as seen online by Cloudflare Radar

Post Syndicated from John Graham-Cumming original https://blog.cloudflare.com/the-uefa-euro-2020-final-as-seen-online-by-cloudflare-radar/

The UEFA EURO 2020 final as seen online by Cloudflare Radar

Last night’s Italy-England match was a nail-biter. 1-1 at full time, 1-1 at the end of extra time, and then an amazing penalty shootout with incredible goalkeeping by Pickford and Donnarumma.

Cloudflare has been publishing statistics about all the teams involved in EURO 2020 and traffic to betting websites, sports newspapers, streaming services and sponsors. Here’s a quick look at some specific highlights from England’s and Italy’s EURO 2020.

Two interesting peaks show up in UK visits to sports newspapers: the day after England-Germany and today after England’s defeat. Looks like fans are hungry for analysis and news beyond the goals. You can see all the data on the dedicated England EURO 2020 page on Cloudflare Radar.

The UEFA EURO 2020 final as seen online by Cloudflare Radar

But it was a quiet morning for the websites of the England team’s sponsors.

The UEFA EURO 2020 final as seen online by Cloudflare Radar

Turning to the winners, we can see that Italian readers are even more interested in knowing more about their team’s success.

The UEFA EURO 2020 final as seen online by Cloudflare Radar

And this enthusiasm spills over into visits to the Italian team’s sponsors.

The UEFA EURO 2020 final as seen online by Cloudflare Radar

You can follow along on the dedicated Cloudflare Radar page for Italy in EURO 2020.

Visit Cloudflare Radar for information on global Internet trends, trending domains, attacks and usage statistics.

C5 Type 2 attestation report now available with one new Region and 123 services in scope

Post Syndicated from Mercy Kanengoni original https://aws.amazon.com/blogs/security/c5-type-2-attestation-report-available-one-new-region-123-services-in-scope/

Amazon Web Services (AWS) is pleased to announce the issuance of the 2020 Cloud Computing Compliance Controls Catalogue (C5) Type 2 attestation report. We added one new AWS Region (Europe-Milan) and 21 additional services and service features to the scope of the 2020 report.

Germany’s national cybersecurity authority, Bundesamt für Sicherheit in der Informationstechnik (BSI), established C5 to define a reference standard for German cloud security requirements. Customers in Germany and other European countries can use AWS’s attestation report to help them meet local security requirements of the C5 framework.

The C5 Type 2 report covers the time period October 1, 2019, through September 30, 2020. It was issued by an independent third-party attestation organization and assesses the design and the operational effectiveness of AWS’s controls against C5’s basic and additional criteria. This attestation demonstrates our commitment to meet the security expectations for cloud service providers set by the BSI in Germany.

We continue to add new Regions and services to the C5 compliance scope so that you have more services to choose from that meet regulatory and compliance requirements. AWS has added the Europe (Milan) Region and the following 21 services and service features to this year’s C5 scope:

You can see a current list of the services in scope for C5 on the AWS Services in Scope by Compliance Program page. The C5 report and Continuing Operations Letter is available to AWS customers through AWS Artifact. For more information, see Cloud Computing Compliance Controls Catalogue (C5).

If you have feedback about this post, submit comments in the Comments section below.

Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.

Author

Mercy Kanengoni

Mercy is a Security Audit Program Manager at AWS. She leads security audits across Europe, and she has previously worked in security assurance and technology risk management.