How Secure is the AWS Europe (Zürich) Region?

With the launch of the new AWS Europe (Zurich) Region in November 2022, some new adopters may have questions over its security. How do the security mechanisms work, and how safe actually is it compared to other regions? Let’s take a closer look.

AWS Security at a Glance

The new Swiss AWS region has the same foundation as all AWS regions. What this means is that no AWS region is more secure than another. Although different regions may offer different services, have different SLAs, and different costs, their baseline security is the same. So, when we’re discussing security measures in AWS regions, this can be directly applied to the new Swiss region.

AWS operates on a shared responsibility model. This means that AWS is responsible for the security of its cloud services, whereas users are responsible for the security inside the cloud. Simply put, AWS’s security measures focus on the security of the AWS product. They self-describe their security approach as ‘much like the security in your own-premises data centres’. In essence, AWS has tight controls, enforcements, and monitoring across the entirety of its global infrastructure.

Here’s some of what they provide:

• Over 300 services and features that cover security, compliance, and governance

• Physical security measures in their data centres (including the new AWS region in Zürich)

• Built-in security for the cloud, including DDoS mitigation technologies, data protections, monitoring tools, and more

AWS users are also given full control for additional levels of security they want to enforce. This can include any third-party security tools they might choose to use.

The Additional Advantages That a Local Region Offers

Not only do AWS users benefit from the security measures that are present across the whole infrastructure, but they benefit from a local perspective too. For instance, as we previously mentioned, AWS has in-built data security measures. For example, AWS will not move data and content across other regions unless requested by the users or in legal cases where it’s required. From a local perspective, this gives users more choice over where their data is stored and processed. This additional level of control also makes it a lot easier to apply any local legal regulations too. Here some of what the AWS Europe (Zurich) Region complies with:

• Standard Contractual Clauses adopted by the Europe Commission in June 2021 for transferring data out of Switzerland and EEA

• Contractual commitments beyond the requirements of Schrems II

• 52 of its services have been independently certified by Ernst and Young CertifyPoint4 to comply with Cloud Infrastructure Service Providers Europe Data Protection Code of Conduct (CISPE Code). This covers the processing of personal data under GDPR.

To Sum Up

The new AWS Europe (Zürich) Region is as secure as the rest of the global infrastructure it’s a part of. Where it offers more protections is on a local level, where Swiss-based organisations may need to store and process their data locally to meet legal requirements.