PERFORMANCE

Amazon Web Services (AWS) operates the cloud infrastructure for Synergy. The AWS infrastructure includes the facilities, network, and hardware as well as some operational software (e.g., host OS, virtualization software, etc.) that support the provisioning and use of these resources.

PHYSICAL AND ENVIRONMENTAL SECURITY

AWS’s data centres are state of the art, utilizing innovative architectural and engineering approaches. Amazon has many years of experience in designing, constructing, and operating large‐scale data centres. This experience has been applied to the AWS platform and infrastructure. AWS data centres are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two‐factor authentication a minimum of two times to access data centre floors.

All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff. AWS only provides data centre access and information to employees and contractors who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, that employee's access is immediately revoked, even if he or she continues to be an employee of Amazon or Amazon Web Services. All physical access to data centres by AWS employees is logged and audited routinely.

SECURITY

As an AWS customer, you can be assured that you’re building web architectures on top of some of the most secure computing infrastructure in the world. The AWS infrastructure is designed and managed according to security best practices as well as a variety of security compliance standards.

AWS COMPLIANCE PROGRAM

The AWS Compliance Program enables customers to understand the robust security in place and then helps them streamline their compliance with industry and government requirements for security and data protection. The IT infrastructure that AWS provides to its customers is designed and managed in alignment with best security practices and a variety of IT security standards, including:

  • SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70 Type II)
  • SOC 2
  • FISMA, DIACAP, and FedRAMP
  • PCI DSS Level 1
  • ISO 27001
  • ITAR
  • FIPS 140‐2

SECURE NETWORK ARCHITECTURE

Network devices, including firewalls and other boundary devices, are in place to monitor and control communications at the external boundary of the network and at key internal boundaries within the network. These boundary devices employ rule sets, access control lists (ACLs), and configurations to enforce the flow of information to specific information system services.

ACLs, or traffic flow policies, are established on each managed interface to manage and enforce the flow of traffic. ACL policies are approved by Amazon Information Security. These policies are automatically pushed using AWS’s ACLManage tool to help ensure these managed interfaces enforce the most up‐to‐date ACLs.