Amazon Web Services (AWS) announced on June 13 that Samsung SDS, LG CNS and SK Shieldus are its security competency partners for last year, that is, satisfied the highest level of security requirements in AWS last year.
At its media briefing on June 13, AWS also stressed the importance of the joint responsibility of a cloud service provider and an enterprise client for cloud security enhancement. “In our responsible sharing model, AWS can ensure security in terms of network and infrastructure and an enterprise client can be responsible for safe application establishment in the cloud environment of AWS,” it said, adding, “This can be defined as the client’s application-level security configuration management based on guidelines, encryption tools and model cases provided by AWS.”
AWS is the first global cloud service provider with the Korea Information Security Management System (K-ISMS) certification. South Korean enterprises in need of the certification can save time and cost via AWS as an alternative to certification on their own.
On the other hand, AWS is yet to meet the Cloud Security Assurance Program (CSAP) for a cloud firm to provide its service at a public institution in South Korea. The program requires various conditions, including data center location disclosure and physical separation between public and private cloud servers. As of now, these conditions are hard to meet for global cloud service providers.
“In the Indo-Pacific Economic Framework, cloud security certification is an international trade barrier that needs to be eliminated,” AWS explained, continuing, “At least some parts irrelevant to national security need to be designed in accordance with international standards rather than data localization.”