ABOUT

The purpose of this article is to help you set up the rules to deploy in your AWS infrastructure. Les règles ont pour objectif :

• Make your infrastructure more secure than default,

• Make you ISO 27001 compliant,

• Make you GDPR compliant,

• Do not have too much impact on the production of your teams.

ISO 27001

ISO 27001 has become a global benchmark for information security and is used by many organizations to assess and improve their information security. It can also be used as a means to demonstrate compliance with specific security requirements, such as government regulations or customer requirements.

Be aware that just because a company is ISO 27001 certified does not mean it is implementing appropriate security measures.

GPDR

The GDPR (General Data Protection Regulation) is a European regulation that aims to strengthen the protection of personal data of European Union citizens.

The role of the GDPR is to give individuals greater control over their personal data, as well as greater visibility into how that data is collected, stored, used and shared by organizations. The regulation also requires organizations to put in place appropriate technical and organizational security measures to protect personal data from loss, theft or unauthorized use.