AWS Compliance Forum
Introduction
October 22, 2013
Session

AWS INTERNAL ONLY
© 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
Your cloud compliance comfort and the AWS Compliance Forum tenets
• Connect you with AWS specialists
• Connect you with other AWS customers
• Provide you with industry/standard-specific compliance resources

Very comfortable: 12%
Somewhat comfortable: 65%
Not comfortable: 23%

Delivering on the AWS Compliance Forum tenets
What you shared: 97% of you want to connect with AWS specialists on how to architect your environment for compliance
How we plan to meet your needs:
Who:
• AWS Security Solutions Architects
• AWS Compliance Architects
• AWS Security, Risk, Compliance consultants
How:
• Case studies
• Use-case reference architectures
• Discussion groups

What you shared: 98% want to connect with other AWS customers navigating compliance in the cloud
How we plan to meet your needs:
Who:
• Customers in your industry
• Customers pursuing similar compliance certifications
How:
• Small discussion groups based on industry and/or certification
• ‘Anonymized’ stories about successes and challenges

What you shared: 99% want to learn how to interpret and implement your specific control requirements in the cloud
How we plan to meet your needs:
Who:
• AWS Compliance Architects
• AWS Security, Risk, Compliance consultants
How:
• One-on-one connection points between you and AWS
• Use-case reference architectures
Which are you most interested in?
A. Connecting with AWS Security Solutions Architect
B. Connecting with AWS Compliance Architect
C. Connecting with AWS Security, Risk and Compliance professional services consultant

Sample of Industries Using AWS

http://aws.amazon.com/solutions/case-studies/all/

Dutch National Bank – A Key Milestone for the Cloud

Security is a Shared Responsibility
Managed by Customer:
• Customer Data
• Users and Roles
• Account Management
• Applications
• Firewalls
• Network Configuration
• Guest Operating System

Managed by AWS:
• Virtualization Layer
• Compute Infrastructure
• Storage Infrastructure
• Network Infrastructure
• Facilities Physical Security
• AWS Global Infrastructure

Building a Robust Program
Understand your Cloud Boundary

What services are you using? For example:
• Amazon EC2
• Route 53
• Amazon VPC
• Amazon S3
• Amazon EBS
• DynamoDB

What is the Business Case / Use Case? For example:
• Big Data Analytics
• High performance Compute
• Sensitive Data Archiving & Storage
• Web Applications

Building a Robust Program – Your Control Set

Compliance in the Cloud (managed by customer):
• Optimized Network/OS/App Controls
• Service-specific Controls
• Cross-service Controls

Compliance of the Cloud (managed by AWS):
• Cloud Service Provider Controls
Compliance of the Cloud – CSP Controls
• Optimized Network/OS/App Controls
• Service-specific Controls
• Cross-service Controls
• Cloud Service Provider Controls

Identify All Controls
Validate CSP Controls
Internal Controls + Industry Standards

Compliance in the Cloud – Cross Service Controls
• Optimized Network/OS/App Controls
• Service-specific Controls
• Cross-service Controls
• Cloud Service Provider Controls

IAM
Control: Multi-factor authentication must be used to secure IAM users
Implementation Guidance: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingMFA.html

Compliance in the Cloud – Service-specific Controls
• Optimized Network/OS/App Controls
• Service-specific Controls
• Cross-service Controls
• Cloud Service Provider Controls

Amazon S3
Control: Server Side Encryption (SSE) is enabled for all objects classified per [customer] data classification policy as Confidential.
Implementation Guidance: http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html

Compliance in the Cloud – Traditional, AWS Optimized
• Optimized Network/OS/App Controls
• Service-specific Controls
• Cross-service Controls
• Cloud Service Provider Controls

Control:
1. Harden machine images
2. Use an approved OS image
Implementation Guidance: [Customer] Server Secure hardening rules
Optimized by AWS: Share Private AMIs
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifyingsnapshotpermissions.html

Scaling Security in Growth

Scaling Security in Scope
[Diagram comparing an On-boarded Service with a New Service Assessment across the control layers: Network/OS/App Controls, Service Specific Controls, Cross Service Security Controls, Cloud Service Provider Controls; labels include "New Network/OS/App Control" and "New service specific Control".]

Additional Resources

• Available at aws.amazon.com/compliance
– AWS Risk & Compliance Whitepaper
– AWS Auditing Security Checklist for AWS

• Available at aws.amazon.com/security
– AWS Security Whitepaper

Key Takeaways
1. Global companies are innovating on AWS with regulated data.
2. You can be more secure in the AWS cloud by:
   a. Using the secure AWS cloud infrastructure
   b. Using the automated software controls AWS services provide
3. Layered assurance provides an effective approach to cloud security

What’s next?
• Compliance-requirement-specific webinars with AWS specialists
• Segmenting industry-specific discussion groups with other AWS Compliance Forum customers
• Compliance-requirement-specific and industry-specific control mapping workbooks

Copyright © 2013 Amazon Web Services, Inc.
and its affiliates. All rights reserved.
This work may not be reproduced or redistributed, in whole or in
part, without prior written permission from Amazon Web Services, Inc.

Commercial copying, lending, or selling is prohibited.
Questions? Email us at awscompliance@amazon.com

AWS Webcast - AWS Compliance Forum Introduction

  • 1. AWS Compliance Forum Introduction October 22, 2013 Session AWS INTERNAL ONLY © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  • 2. Your cloud compliance comfort and the AWS Compliance Forum tenets Connect you with AWS specialists Connect you with other AWS customers Provide you with industry/standard-specific compliance resources Very comfortable 12% Not comfortable 23% Somewhat comfortable 65% AWS INTERNAL ONLY © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  • 3. Delivering on the AWS Compliance Forum tenets What you shared How we plan to meet your needs 97% of you want to connect with AWS specialists on how to architect your environment for compliance Who: • AWS Security Solutions Architects • AWS Compliance Architects • AWS Security, Risk, Compliance consultants How: • Case studies • Use-case reference architectures • Discussion groups 98% want to connect with other AWS customers navigating compliance in the cloud Who: • Customers in your industry • Customers pursuing similar compliance certifications How: • Small discussion groups based on industry and/or certification • ‘Anonymized’ stories about successes and challenges 99% want to learn how to interpret and implement your specific control requirements in the cloud Who: • AWS Compliance Architects • AWS Security, Risk, Compliance consultants How: • One-on-one connection points between you and AWS • Use-case reference architectures AWS INTERNAL ONLY © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  • 4. Which are you most interested in? A. Connecting with AWS Security Solutions Architect B. Connecting with AWS Compliance Architect C. Connecting with AWS Security, Risk and Compliance professional services consultant AWS INTERNAL ONLY © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  • 5. Sample of Industries Using AWS http://aws.amazon.com/solutions/case-studies/all/ AWS INTERNAL ONLY © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  • 6. Dutch National Bank – A Key Milestone for the Cloud AWS INTERNAL ONLY © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  • 7. Security is a Shared Responsibility Customer Data Users and Roles Account Management Applications Firewalls Managed by Customer Network Configuration Guest Operating System Virtualization Layer Compute Infrastructure Storage Infrastructure Network Infrastructure Managed by AWS Facilities Physical Security AWS Global Infrastructure AWS INTERNAL ONLY © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  • 8. Building a Robust Program Understand your Cloud Boundary What services are you using? What is the Business Case / Use Case? For example: For example: Amazon EC2 Route 53 Amazon VPC • • • • Amazon S3 Amazon EBS Big Data Analytics High performance Compute Sensitive Data Archiving & Storage Web Applications DynamoDB AWS INTERNAL ONLY © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  • 9. Building a Robust Program – Your Control Set Optimized Network/OS/App Controls Compliance in the Cloud Service-specific Controls Managed by Customer Cross-service Controls Cloud Service Provider Controls Managed by AWS Compliance of the Cloud
  • 10. Compliance of the Cloud – CSP Controls Optimized Network/OS/App Controls Service-specific Controls Identify All Controls Validate CSP Controls Cross-service Controls Cloud Service Provider Controls Internal Controls + Industry Standards
  • 11. Compliance in the Cloud – Cross Service Controls Optimized Network/OS/App Controls Service-specific Controls IAM Cross-service Controls Control Implementation Guidance Multi-factor authentication must be used to secure IAM users http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingMFA.html Cloud Service Provider Controls
  • 12. Compliance in the Cloud – Service-specific Controls Optimized Network/OS/App Controls Service-specific Controls Amazon S3 Cross-service Controls Control Implementation Guidance Server Side Encryption (SSE) is enabled for all objects classified per [customer] data classification policy as Confidential. http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html Cloud Service Provider Controls
  • 13. Compliance in the Cloud – Traditional, AWS Optimized Optimized Network/OS/App Controls Control Implementation Guidance 1. Harden machine images 2. Use an approved OS image [Customer] Server Secure hardening rules Service-specific Controls Cross-service Controls Cloud Service Provider Controls Optimized by AWS: Share Private AMIs http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html
  • 14. Scaling Security in Growth
  • 15. Scaling Security in Scope On-boarded Service New Service Assessment Network/OS/App Controls Service Specific Controls New Network/OS/App Control Service Specific Controls Network/OS/App Controls New service specific Control Cross Service Security Controls Cross Service Security Controls Cloud Service Provider Controls Cloud Service Provider Controls
  • 16. Additional Resources • Available at aws.amazon.com/compliance – AWS Risk & Compliance Whitepaper – AWS Auditing Security Checklist for AWS • Available at aws.amazon.com/security – AWS Security Whitepaper
  • 17. Key Takeaways 1. Global companies are innovating on AWS with regulated data. 2. You can be more secure in the AWS cloud by: a. Using the secure AWS cloud infrastructure b. Using the automated software controls AWS services provide 3. Layered assurance provides an effective approach to cloud security
  • 18. What’s next? Compliance-requirement-specific webinars with AWS specialists Segmenting industry-specific discussion groups with other AWS Compliance Forum customers Compliance-requirement-specific and industry-specific control mapping workbooks
  • 19. Copyright © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved. This work may not be reproduced or redistributed, in whole or in part, without prior written permission from Amazon Web Services, Inc. Commercial copying, lending, or selling is prohibited. Questions? Email us at awscompliance@amazon.com

Editor's Notes

  1. Talking points: As you can see from the graph, 88% of you are not fully comfortable navigating compliance requirements. In your choice to join the AWS Compliance Forum, you see the value to you and your organization. However, we wanted to provide you a broader perspective on how this unique community is feeling by sharing the survey results and what our plans are to address your needs. The Forum has three tenets, all focused on helping you feel more comfortable navigating your compliance requirements in the cloud: To connect you with AWS specialists, other AWS customers, and industry-specific content
  2. Talking points: AWS Security Solutions Architects are security-focused AWS specialists who have worked with customers to build out environments architected with an emphasis on achieving security and compliance requirements. AWS Compliance Architects are <Chad to phrase how he wants to say this> AWS Security, Risk, Compliance consultants are focused on providing one-on-one consultative services for your organization around security engineering assistance and governance, risk, and compliance consultation. That being said, we would like to learn more about what among what we just shared interests you the most. To do so, we’re going to ask a series of polling questions.