Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Skip to main content

AWS Cloud Security

Esquema Nacional de Seguridad High

Overview

Amazon Web Services (AWS) is Esquema Nacional de Seguridad (ENS) High certified. This certification establishes security standards that apply to all government agencies and public organizations in Spain, and service providers on which the public services are dependent on.

Missing alt text value

Page topics

FAQs

Open all

The ENS (Esquema Nacional de Seguridad) accreditation scheme has been developed by the Ministry of Finance and Public Administration and the CCN (National Cryptologic Centre). This comprises of basic principles and minimum requirements necessary for the adequate protection of information.

To achieve ENS High certification, AWS was successfully audited by an accredited independent assessor.

The ENS (Esquema Nacional de Seguridad) is a Spanish certification that was developed as part of Royal Decree 311/2022 on May 3rd 2022. Royal Decree 311/2022 was published in accordance to the earlier Spanish decrees, Royal Decree 3/2010 and Royal Decree 421/2004, which provided the National Cryptologic Centre the functionality to create and disseminate the standards, guides, and recommendations relating to information security.

The current ENS standard was designed and released by the Spanish National Cryptologic Centre and establishes security measures that service providers must adhere to so Spanish government agencies and customers meet the requirements set forth by Royal Decree 311/2022.

ENS High covers 31 AWS Regions worldwide, including Spain. The detailed AWS Regions list is available in the certificate.

The covered AWS services that are already in scope for ENS can be found on the AWS Services in Scope by Compliance Program page. If you would like to learn more about using these services and/or have interest in other services please contact us.

Yes, AWS together with the National Cryptologic Centre have created a set of guidelines that customers can use to align with the security controls described in the High category of the ENS. AWS allows customers to verify ENS compliance of their security controls to the 800 CCN STIC guidelines for ENS using Prowler, an open-source security tool customers can integrate with AWS Security Hub to perform security configuration checks within their AWS environment. In addition, customers can launch open-source conformance pack templates within AWS Config to create security checks, allowing customers to personalize and align them with the ENS. The following links indicate the 800 CCN STIC guidelines and tools that maybe used to align with the security controls described in the ENS.