Conclusion

This whitepaper has explained the background to securing systems deployed to the AWS Cloud effectively in the context of Healthcare in the UK. It has described the detailed considerations to achieving compliance with the Good Practice Guide for cloud security, beginning with workload risk classification, and going on to show how the Good Practice Guide’s Principles apply specifically to many of the AWS services likely to be used by organisations needing to adhere to the Good Practice Guide. To constrain the document to a digestible size, the step-by-step instructions have been omitted. The reader can find step-by-step instructions through the links provided in each section. This paper concludes with concrete suggestions on how to address what can be the most challenging aspect of compliance: maintaining it in a constantly changing environment.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Maintaining compliance

Contributors