Cloud Industry News Analysis & Insights on Ulitzer

Tim Negris

Subscribe to Tim Negris: eMailAlertsEmail Alerts
Get Tim Negris: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Related Topics: Cloud Hosting & Service Providers Journal, Cloud Computing Newswire, Amazon Cloud Journal


Amazon Cloud Gains Major Security Certification

ISO 27001 Standard Assures Comprehensive Security Management is in Place

On Amazon's Web Services Blog, their indefatigable cloud evangelist, Jeff Barr just announced that the company has received certification of compliance with the standard formally called ISO/IEC 27001:2005 - Information technology -- Security techniques -- Information security management systems - Requirements and known to most simply as "ISO 27001".  The standard specifies an explicit, auditable information security management system for risk assessment and threat response and AWS's compliance sends a strong signal to the market about its readiness to handle the really serious stuff.

The key themes of this standard are:

  • Systematic examination of security risks, accounting for threats, vulnerabilities, and impacts

  • Implementation of a comprehensive set of controls and risk avoidance and transfer processes

  • Adoption of a management system for ongoing security assessment and improvement

Amazon's ISO 27001 certification follows on their SAS 70 Type II audit last year, which is an important third-party assessment of their operational performance and security for safeguarding customer data.  These are both key security milestones for the Amazon cloud, as Barr indicated to users in his blog entry, stating, "Together, SAS 70 and ISO 27001 should give you a lot of confidence in the strength and maturity of our operating practices and procedures over information security."

More Stories By Tim Negris

Tim Negris is SVP, Marketing & Sales at Yottamine Analytics, a pioneering Big Data machine learning software company. He occasionally authors software industry news analysis and insights on, is a 25-year technology industry veteran with expertise in software development, database, networking, social media, cloud computing, mobile apps, analytics, and other enabling technologies.

He is recognized for ability to rapidly translate complex technical information and concepts into compelling, actionable knowledge. He is also widely credited with coining the term and co-developing the concept of the “Thin Client” computing model while working for Larry Ellison in the early days of Oracle.

Tim has also held a variety of executive and consulting roles in a numerous start-ups, and several established companies, including Sybase, Oracle, HP, Dell, and IBM. He is a frequent contributor to a number of publications and sites, focusing on technologies and their applications, and has written a number of advanced software applications for social media, video streaming, and music education.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.