選取您的 Cookie 偏好設定

我們使用提供自身網站和服務所需的基本 Cookie 和類似工具。我們使用效能 Cookie 收集匿名統計資料,以便了解客戶如何使用我們的網站並進行改進。基本 Cookie 無法停用,但可以按一下「自訂」或「拒絕」以拒絕效能 Cookie。

如果您同意,AWS 與經核准的第三方也會使用 Cookie 提供實用的網站功能、記住您的偏好設定,並顯示相關內容,包括相關廣告。若要接受或拒絕所有非必要 Cookie,請按一下「接受」或「拒絕」。若要進行更詳細的選擇,請按一下「自訂」。

SWIFT Customer Security Controls Framework (v2022) on AWS - SWIFT Customer Security Controls Framework (v2022) on AWS
此頁面尚未翻譯為您的語言。 請求翻譯

SWIFT Customer Security Controls Framework (v2022) on AWS

Publication date: July 21, 2021 (Document Revisions)

Abstract

The SWIFT Customer Security Programme (CSP) was introduced to support SWIFT customers and drive industry-wide collaboration in the fight against cyber fraud. The CSP establishes a common set of security controls known as the Customer Security Controls Framework (CSCF) which is designed to help SWIFT users secure their local environments and to foster a more secure financial ecosystem.

The SWIFT Customer Security Controls Framework (CSCF) consists of both mandatory and advisory security controls for SWIFT users. Mandatory security controls establish a security baseline for the entire community, and must be implemented by all users on their local SWIFT infrastructure. With the shift to cloud computing, Appendix G of the latest CSCF provides guidance for users using digital connectivity.

The objective of this guide is to provide SWIFT customers with sufficient information and best practices to implement the CSCF security controls when implementing their SWIFT Client Connectivity Stack on AWS.

Are you Well-Architected?

The AWS Well-Architected Framework helps you understand the pros and cons of the decisions you make when building systems in the cloud. The six pillars of the Framework allow you to learn architectural best practices for designing and operating reliable, secure, efficient, cost-effective, and sustainable systems. Using the AWS Well-Architected Tool, available at no charge in the AWS Management Console, you can review your workloads against these best practices by answering a set of questions for each pillar.

For more expert guidance and best practices for your cloud architecture—reference architecture deployments, diagrams, and whitepapers—refer to the AWS Architecture Center.

Introduction

With the current business landscape created by the COVID-19 pandemic, the Society for Worldwide Interbank Financial Telecommunication (SWIFT) issued the v2021 guidance for its users to implement its updated Customer Security Programme (CSP) and Customer Security Controls Framework (CSCF).

The latest CSP now requires a community-standard assessment for all users and all assessments submitted from 2021 onwards will require an independent assessment.

This document provides guidance for SWIFT connectivity deployed on the AWS Cloud and is structured on the 7 Requirement sections described in the CSP.

The latest v2022 guidance includes five changes from v2021. Three of the changes—Control 2.9, Control 6.2, and Control 6.3—are out of scope for Cloud Providers according to Appendix G of the CSP. A new advisory control(Control 1.5A) was added. It is nearly identical to Control 1.1 and the guidelines are the same. Finally, the scope of Control 1.2 has been extended to a new architecture type, but there are no changes to the AWS guidance.

隱私權網站條款Cookie 偏好設定
© 2025, Amazon Web Services, Inc.或其附屬公司。保留所有權利。