Security & Compliance for Energy & Utilities

Energy and utility companies face unique security, regulatory, and compliance obligations on a global scale including, managing operations, security and resilience for critical infrastructure. To meet the challenges of growing data volumes for reliable operations, and to manage a changing operational landscape, AWS offers energy and utility operators services to expand resiliency and elevate security.

AWS can help you explore the resources available through the partnership of shared security responsibility, resilience of global infrastructure, and enhanced visibility and automation available through cloud technology.

Infrastructure to elevate security and resilience in the cloud

As an AWS customer, you will benefit from a data center and network architecture built to meet requirements of the most security-sensitive organizations.

AWS Global Infrastructure expands your operational resilience by allowing customers to choose from multiple AWS Regions to build their cloud environments and meet their resiliency requirements beyond the typical primary and back-up data center resources available on-premises.

AWS Compliance supports more security standards and compliance certifications than any other offering including ISO, SOC, PCI-DSS, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171, and more.

AWS Security, Identity, and Compliance offerings help customers to encrypt data, manage access, monitor network traffic, analyze data for anomalous activity with machine learning capabilities, mitigate DDoS attacks, and send alerts whenever changes are made to AWS resources.

Learn more »

Services to achieve your security and compliance objectives

AWS provides you with guidance and expertise through online resources, personnel and partners. You get access to hundreds of tools and features to help you to meet your security objectives. AWS environments are continuously audited, with certifications from accreditation bodies across geographies and verticals.

Shared Responsibility

Security and Compliance is a shared responsibility between AWS and the customer. AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. The customer is responsible for security of the services, applications, and configurations built “in” the AWS cloud.

Management and Governance

AWS supports customer efforts to define and construct their security responsibilities through resources such as the AWS Cloud Adoption Framework (CAF) and Well-Architected best practices to plan and execute your digital transformation at scale.

Training and Certification

Extensive educational resources such as training and certification resources, AWS Workshops including immersion days, and more are available to AWS customers and can be curated to meet the specific needs of your teams.

Learn more »

Customer Resources

AWS Energy & Utility security and compliance experts develop content and resources to help you create scalable, secure, cloud platforms. Each is designed to complement your security goals, strategies, and tactics in alignment with global regulatory requirements. AWS security and compliance guidance, features, and enablers help support utilities in aligning with regulatory requirements and industry recognized cyber security frameworks such as those for the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Standards for BES Cyber System Information (BCSI), ITAR, the NIST Cyber Security Framework (CSF), and the Cybersecurity Maturity Model Certification (CMMC).

AWS Compliance Center

The AWS Compliance Center is an interactive tool that offers a central location to research cloud-related regulatory requirements in 54 countries. The tool helps customers browse country-specific resources, identify local regulatory requirements, and view AWS compliance programs that may apply to that country. AWS has customers throughout the world and is continually adapting to evolving regulations.

Learn more »

AWS Security Documentation

The security documentation repository shows customers how to configure AWS services to meet their organization’s security and compliance objectives. AWS customers benefit from data centers and network architectures that are built to meet the requirements of the most security-sensitive organizations.

Learn more »

AWS Well-Architected Framework

The AWS Well-Architected Framework has been developed to help cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications. Based on six pillars—operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability —the framework provides a consistent approach for customers and partners to evaluate architectures and implement designs that will scale over time.

AWS Artifact Tool

The AWS Artifact Tool is a globally available customer portal that provides on-demand access to AWS and Independent Software Vendor (ISV) compliance reports. It offers documentation of controls relevant to specific AWS services and validation that AWS controls are operating effectively. Customers can use the reports to align AWS controls to their own control frameworks and verify that AWS controls are performing successfully. View AWS Services in Scope by Compliance Program or access AWS Artifact from the AWS Management Console.