If I have all my app deployed in AWS, can I automatically say that I'm fulfilling the GDPR and the security ISOs? If not, how can I get them?



I have my whole app deployed in AWS and I'm using a lot of different services. For starters, I'm using Cognito with OAuth2 to generate the tokens and store the user's sensitive data. Does this mean I'm already compliant with GDPR and some other security ISOs related to user data? I'm also using AWS RDS as the database service, I have everything deployed in Fargate, and I'm using a gateway that filters authentication and authorization and also the tokens every time my frontend sends a request.

I would like to know if this makes my software already compliant with some basic security ISOs and GDPR. And if not, how can I start the process to be certified or really check that I'm compliant with GDPR?

We need this to be able to tell it to our first users.

Thank you guys!

1 Answer
Accepted Answer


No, just hosting your app on AWS, where many services are GDPR-compliant, doesn't make it automatically GDPR-compliant.

There are multiple preparatory steps to be completed before entering the certification process itself. This WP is a good starting point to understand all that you have to accomplish for your application to become compliant: https://docs.aws.amazon.com/pdfs/whitepapers/latest/navigating-gdpr-compliance/navigating-gdpr-compliance.pdf



AWS
answered a month ago
  • I see, thanks!

  • You're welcome. Thanks for accepting my answer!
