Security is one of the biggest concerns when moving and migrating your data from your on-premise location to the Public Cloud. Where is your data? Who can access it? Will it be safe from accidental deletion?
All of these questions and more are important, and AWS knows and addresses this.
Due to AWS being a global company deploying exactly the same services in all corners of the globe it has had to set the highest level of security conforming to all regulations in each country. As a result, someone who is simply using S3 to store their personal photos gets the same level of security as a multi million dollar company who require the most vigorous of security regulations.
AWS complies with a number of different security standards that can be found here.
When it comes to Security, AWS operates within a shared responsibility model. This means that the security ‘of’ the Cloud lies with AWS, and the security ‘in’ the cloud lays with you the user. To break this down a bit further, the physical access to the Data Centres, Availability Zones, Regions, Edge Locations, Compute, Networking and Storage is the responsibility of AWS. Your data and its encryption, configuration of your VPC security covering ACLs, Security Groups, IAM, patching of EC2 instances etc, is your responsibility.
More information on the Shared model can be found here.