It is not possible for a virtual instance running in promiscuous mode to receive or “sniff” traffic that is intended for a different virtual instance. While customers can place their interfaces into promiscuous mode, the hypervisor will not deliver any traffic to them that is not addressed to them. Even two virtual instances that are owned by the same customer located on the same physical host cannot listen to each other’s traffic. Attacks such as ARP cache poisoning do
not work within Amazon EC2 and Amazon VPC. While Amazon EC2 does provide ample protection against one customer inadvertently or maliciously attempting to view another’s data, as a standard practice customers should encrypt sensitive traffic – Amazon Web Services: Overview of Security Processes

Certifications

• SOC 1 Type 2 (formerly SAS-70)
• ISO 27001
• PCI DSS for EC2, S3, EBC, VPC, RDS, ELB, IAM
• FISMA Moderate Compliant Controls (Amazon cloud earns key FISMA government security accreditation)
• HIPAA & ITAR Compliant Architecture

Phisical security

• Datacenters in nondescript facilities
• Physical access strictly controlled
• Must pass two-factor authentication at least twice for floor access
• Physical access logged and audited

HW, SW, Network

• Systematic change management
• Phased updates deployment
• Safe storage decommission
• Automated monitoring and self-audit
• Advanced network protection

source: Using Amazon Web Services for Disaster Recovery Webinar (16:07)