This platform is hosted on Amazon Web Services (AWS) (external link), a cloud hosting service offered by Amazon.com. Specifically, it is hosted in a data center run by Amazon.com in Mumbai, India. Amazon.com has intense focus on infrastructure and procedural security for software applications hosted on AWS. This enables the platform to benefit from AWS's continued focus and innovations in cloud security and related areas.
Amazon.com maintains up-to-date help centers dedicated to Security (external link) and Compliance (external link). Greater insight into AWS security related policies and procedures for physical infrastructure can be obtained by following these links.
Key aspects of infrastructure security on AWS are listed below.
[View/ Hide All]
AWS data centers comply with many global and local compliance standards, including, but not limited to:
- Global standards
- CSA - Cloud Security Alliance controls
- ISO 9001 - quality
- ISO 27001 - security management controls
- ISO 27017 - cloud-specific controls
- ISO 27018 - person data protection
- United States
- FIPS - data security
- NIST - national standards
Source: AWS Compliance Portal (external link)
AWS infrastructure is regularly assessed, audited and certified by competent, globally recognized third parties. The AWS Compliance Portal provides links to certificates obtained from third-party auditors for each of the compliance programs the infrastructure complies with.
Sample 1: ISO 9001:2015 certification (external link)
Sample 2: ISO 27001:2013 certification (external link)