© 2019, Amazon Web Services, Inc. or its Affiliates.
AWS Cloud security fundamentals
Protecting financial services in the AWS Cloud
Mario Vlachakis, AWS Senior Solutions Architect
SIBOS 2019
Table of Contents
• AWS Cloud Infrastructure
• Today’s Security & Compliance Landscape in Financial Services
• The AWS Shared Responsibility Model
• AWS Security Services
• AWS Compliance Programs and Auditing Tools
• Benefits of AWS Security & Compliance
AWS provides a consistent global infrastructure
The AWS Cloud spans 69 Availability Zones within 22 geographic Regions around the
world, with announced plans for 9 more Availability Zones and three more Regions in
Cape Town, Jakarta, and Milan.
[Figure: Sample US Region. Zooming in on an AWS Region shows Availability Zones A, B and C; zooming in on a sample Availability Zone shows multiple datacenters.]
[Figure: AWS Region and Availability Zone Summary. Two sample Regions, each with Availability Zones A, B and C.]
Today’s Security & Compliance Landscape
Organizations have traditionally had to make this difficult choice: move fast OR stay secure.
With the rise of cloud adoption, organizations no longer have to choose: move fast AND stay secure.
In its shift to the cloud, the Financial Services industry is confronting a range of familiar and emerging issues:
• Evolving regulatory requirements
• Meeting regional requirements
• Sophisticated, targeted attacks
• Onerous reporting requirements
• Limited specialist resources
The AWS Shared Responsibility Model
Security & Compliance is a shared responsibility between AWS and the customer.
AWS Security Services
As a customer, you inherit AWS’ security infrastructure benefits and have access to our security services and the largest network of cloud security partners.
• Inherit global controls
• Scale with visibility & control
• Highest standards: privacy & security
• Industry-leading security partners
• Automated security protocols
Pace of Innovation
AWS continues to increase service launches, feature additions, and service updates. This includes 239 security updates.
[Chart: launches per year, 2008 to 2018; values shown: 24, 48, 61, 82, 159, 280, 516, 722, 1017, 1430, 1800+]
AWS security services by category:
• Identity & Access: AWS Identity & Access Management (IAM), AWS Single Sign-On, AWS Directory Service, Amazon Cognito, AWS Organizations, AWS Secrets Manager, AWS Resource Access Manager
• Detective Controls: AWS Security Hub, AWS Control Tower, Amazon GuardDuty, AWS Config, AWS CloudTrail, Amazon CloudWatch, VPC Flow Logs
• Infrastructure Security: AWS Systems Manager, AWS Shield, AWS WAF (Web Application Firewall), AWS Firewall Manager, Amazon Inspector, Amazon Virtual Private Cloud (VPC)
• Data Protection: AWS Key Management Service (KMS), AWS CloudHSM, AWS Certificate Manager, Amazon Macie, Server-side Encryption
• Incident Response: AWS Config Rules, AWS Lambda
AWS Compliance Programs and Auditing Tools
Tools and guidance to enable compliance:
• Terms & Conditions
• Transparency
• Compliance, Security Tools & Services
• Security & Continuity Assets
• Deep Industry Expertise
• Regulatory Engagement
Guidance and programs to help customers quickly set up robust compliance programs > Tools and assets to help customers manage audit demands > Mechanisms to advocate for and share best practices with customers
Compliance programs by type:
• Certifications / Attestations: ASIP HDS [France]; C5 [Germany]; Cyber Essentials Plus [UK]; DoD SRG; ENS High [Spain]; FedRAMP; FIPS; IRAP [Australia]; ISO 9001; ISO 27001; ISO 27017; ISO 27018; K-ISMS [Korea]; MTCS [Singapore]; PCI DSS Level 1; SEC Rule 17-a-4(f); SOC 1; SOC 2; SOC 3; TISAX
• Laws / Regulations / Privacy: Argentina Data Privacy; CCPA; CISPE; CLOUD Act; FERPA; GDPR; GLBA; HIA [Alberta, Canada]; HIPAA; HITECH; IRS 1075; ITAR; My Number Act [Japan]; U.K. DPA - 1988; VPAT / Section 508; Privacy Act [Australia]; Privacy Act [New Zealand]; PDPA - 2010 [Malaysia]; PDPA - 2012 [Singapore]; PHIPA [Ontario, Canada]; PIPEDA [Canada]; Spanish DPA Authorization
• Alignments / Frameworks: CIS; CJIS; CSA; EU-US Privacy Shield; FFIEC; FISC; FISMA; Uptime Institute Tiers; UK Cloud Security Principles; G-Cloud [UK]; GxP (FDA CFR 21 Part 11); ICREA; IT Grundschutz [Germany]; MITA 3.0; MPAA; NIST
Ongoing engagement with regulators around the world serves two purposes:
1. To share our approach and tools:
• Educate regulators to help examiners audit AWS environments
• Help shape the regulatory landscape to reflect changes in technology
• Facilitate dialogue between the industry and its regulators
2. To assess and explain policy:
• Regulatory policy evaluations to assess the potential impact of regulations
• Country-by-country impact assessments to map how financial institutions need to operate
• Region- and country-specific compliance guides to document key policy changes and responses
The result: The environment and feedback support our customers’ abilities to innovate with confidence.
The AWS Compliance Center is a central location to research cloud regulations in specific countries and learn about AWS Compliance programs.
Visit us at http://www.atlas.aws/
Benefits of AWS Security & Compliance
AWS provides:
• Terms & conditions
• Transparency
• Compliance/security tools
• Security & continuity assets
• Deep industry expertise
• Global regulatory engagement
Why this matters:
• Industry-specific contracts
• Access to certifications & audit reports
• Ability to perform informed control assessments
• Comprehensive security & compliance monitoring
• Centralized control over services
Benefits:
• A clear understanding of regulatory obligations & expectations
• A greater level of automation in security & compliance
• Audits that are more efficient & risk-based
• Rigorous & sustainable identity and access management
Our approach reduces ambiguity and increases efficiency.
The result: AWS is the first choice for highly regulated organizations.
“We can be far more secure in the cloud and achieve a higher level of assurance at a much lower cost, in terms of effort and dollars invested. We determined that security in AWS is superior to our on-premises data center across several dimensions, including patching, encryption, auditing and logging, entitlements, and compliance.”
– John Brady, CISO,
• Over 50 global compliance certifications and accreditations
• AWS security experts; 24/7, 365 days a year
• Built to meet requirements of military, global banks, and other data-sensitive organizations
• Security enhancements from 1M+ customer experiences
The result: … as well as systemically important financial market utilities.
“Cloud computing has reached the tipping point as the capabilities, resiliency and security of services provided by cloud vendors now exceed those of many on-premises data centers.”
– DTCC, Moving Financial Market Infrastructure to the Cloud
Thank you!

Contenu connexe

Tendances

Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control TowerCloudHesive
 
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Amazon Web Services
 
Running Active Directory in the AWS Cloud
Running Active Directory in the AWS Cloud Running Active Directory in the AWS Cloud
Running Active Directory in the AWS Cloud Amazon Web Services
 
Identity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityIdentity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
 
Identity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityIdentity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
 
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018Amazon Web Services
 
AWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAmazon Web Services
 
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Amazon Web Services
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAmazon Web Services
 
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Amazon Web Services
 
Deploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control TowerDeploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control TowerAmazon Web Services
 
AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAmazon Web Services
 
An Introduction to the AWS Well Architected Framework - Webinar
An Introduction to the AWS Well Architected Framework - WebinarAn Introduction to the AWS Well Architected Framework - Webinar
An Introduction to the AWS Well Architected Framework - WebinarAmazon Web Services
 

Tendances (20)

Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best Practices
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control Tower
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
 
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
 
Amazon GuardDuty Lab
Amazon GuardDuty LabAmazon GuardDuty Lab
Amazon GuardDuty Lab
 
Running Active Directory in the AWS Cloud
Running Active Directory in the AWS Cloud Running Active Directory in the AWS Cloud
Running Active Directory in the AWS Cloud
 
Identity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityIdentity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS Security
 
Identity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityIdentity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS Security
 
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
 
AWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics Webinar
 
Deep dive into AWS IAM
Deep dive into AWS IAMDeep dive into AWS IAM
Deep dive into AWS IAM
 
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & Compliance
 
AWS WAF - A Web App Firewall
AWS WAF - A Web App FirewallAWS WAF - A Web App Firewall
AWS WAF - A Web App Firewall
 
AWS 101
AWS 101AWS 101
AWS 101
 
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
 
Deploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control TowerDeploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control Tower
 
AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design Patterns
 
An Introduction to the AWS Well Architected Framework - Webinar
An Introduction to the AWS Well Architected Framework - WebinarAn Introduction to the AWS Well Architected Framework - Webinar
An Introduction to the AWS Well Architected Framework - Webinar
 

Similaire à AWS Cloud Security Fundamentals

AWS Webinar - Becoming a Cloud-First Healthcare Provider
AWS Webinar - Becoming a Cloud-First Healthcare Provider AWS Webinar - Becoming a Cloud-First Healthcare Provider
AWS Webinar - Becoming a Cloud-First Healthcare Provider Amazon Web Services
 
Generational shiftsRedefining Customer Experience And The Way To Insure
Generational shiftsRedefining Customer Experience And The Way To InsureGenerational shiftsRedefining Customer Experience And The Way To Insure
Generational shiftsRedefining Customer Experience And The Way To InsureAmazon Web Services
 
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Amazon Web Services
 
AWS Executive Security Simulation - FND201-R - AWS re:Inforce 2019
AWS Executive Security Simulation - FND201-R - AWS re:Inforce 2019 AWS Executive Security Simulation - FND201-R - AWS re:Inforce 2019
AWS Executive Security Simulation - FND201-R - AWS re:Inforce 2019 Amazon Web Services
 
How to act on your security and compliance alerts with AWS Security Hub - FND...
How to act on your security and compliance alerts with AWS Security Hub - FND...How to act on your security and compliance alerts with AWS Security Hub - FND...
How to act on your security and compliance alerts with AWS Security Hub - FND...Amazon Web Services
 
Migrate, Modernize, and Manage: Best Practices for a Cloud Migration
Migrate, Modernize, and Manage: Best Practices for a Cloud MigrationMigrate, Modernize, and Manage: Best Practices for a Cloud Migration
Migrate, Modernize, and Manage: Best Practices for a Cloud MigrationAmazon Web Services
 
Sicurezza in AWS automazione e best practice
Sicurezza in AWS automazione e best practiceSicurezza in AWS automazione e best practice
Sicurezza in AWS automazione e best practiceAmazon Web Services
 
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...Amazon Web Services
 
Capital One case study: Addressing compliance and security within AWS - FND21...
Capital One case study: Addressing compliance and security within AWS - FND21...Capital One case study: Addressing compliance and security within AWS - FND21...
Capital One case study: Addressing compliance and security within AWS - FND21...Amazon Web Services
 
Building transformational business value through broad organizational engagem...
Building transformational business value through broad organizational engagem...Building transformational business value through broad organizational engagem...
Building transformational business value through broad organizational engagem...Amazon Web Services
 
Elevate_your_security_with_the_cloud
Elevate_your_security_with_the_cloudElevate_your_security_with_the_cloud
Elevate_your_security_with_the_cloudAmazon Web Services
 
Pop the hood: Using AWS resources to attest to security of the cloud - GRC310...
Pop the hood: Using AWS resources to attest to security of the cloud - GRC310...Pop the hood: Using AWS resources to attest to security of the cloud - GRC310...
Pop the hood: Using AWS resources to attest to security of the cloud - GRC310...Amazon Web Services
 
AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS Compliance
AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS ComplianceAWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS Compliance
AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS ComplianceAmazon Web Services
 
Elevate your security with the cloud
Elevate your security with the cloudElevate your security with the cloud
Elevate your security with the cloudAmazon Web Services
 
Module 1: Introduction to the AWS Cloud - AWSome Day Online Conference 2019
Module 1: Introduction to the AWS Cloud - AWSome Day Online Conference 2019Module 1: Introduction to the AWS Cloud - AWSome Day Online Conference 2019
Module 1: Introduction to the AWS Cloud - AWSome Day Online Conference 2019Amazon Web Services
 
Executive Security Simulation Workshop (WPS206) - AWS re:Invent 2018
Executive Security Simulation Workshop (WPS206) - AWS re:Invent 2018Executive Security Simulation Workshop (WPS206) - AWS re:Invent 2018
Executive Security Simulation Workshop (WPS206) - AWS re:Invent 2018Amazon Web Services
 
Security Framework Shakedown: Chart Your Journey with AWS Best Practices
Security Framework Shakedown: Chart Your Journey with AWS Best PracticesSecurity Framework Shakedown: Chart Your Journey with AWS Best Practices
Security Framework Shakedown: Chart Your Journey with AWS Best PracticesAmazon Web Services
 
엔터프라이즈의 효과적인 클라우드 도입을 위한 전략 및 적용 사례-신규진 프로페셔널 서비스 리드, AWS/고병률 데이터베이스 아키텍트, 삼성...
엔터프라이즈의 효과적인 클라우드 도입을 위한 전략 및 적용 사례-신규진 프로페셔널 서비스 리드, AWS/고병률 데이터베이스 아키텍트, 삼성...엔터프라이즈의 효과적인 클라우드 도입을 위한 전략 및 적용 사례-신규진 프로페셔널 서비스 리드, AWS/고병률 데이터베이스 아키텍트, 삼성...
엔터프라이즈의 효과적인 클라우드 도입을 위한 전략 및 적용 사례-신규진 프로페셔널 서비스 리드, AWS/고병률 데이터베이스 아키텍트, 삼성...Amazon Web Services Korea
 

Similaire à AWS Cloud Security Fundamentals (20)

AWS Webinar - Becoming a Cloud-First Healthcare Provider
AWS Webinar - Becoming a Cloud-First Healthcare Provider AWS Webinar - Becoming a Cloud-First Healthcare Provider
AWS Webinar - Becoming a Cloud-First Healthcare Provider
 
Generational shiftsRedefining Customer Experience And The Way To Insure
Generational shiftsRedefining Customer Experience And The Way To InsureGenerational shiftsRedefining Customer Experience And The Way To Insure
Generational shiftsRedefining Customer Experience And The Way To Insure
 
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019
 
AWS Executive Security Simulation - FND201-R - AWS re:Inforce 2019
AWS Executive Security Simulation - FND201-R - AWS re:Inforce 2019 AWS Executive Security Simulation - FND201-R - AWS re:Inforce 2019
AWS Executive Security Simulation - FND201-R - AWS re:Inforce 2019
 
How to act on your security and compliance alerts with AWS Security Hub - FND...
How to act on your security and compliance alerts with AWS Security Hub - FND...How to act on your security and compliance alerts with AWS Security Hub - FND...
How to act on your security and compliance alerts with AWS Security Hub - FND...
 
Migrate, Modernize, and Manage: Best Practices for a Cloud Migration
Migrate, Modernize, and Manage: Best Practices for a Cloud MigrationMigrate, Modernize, and Manage: Best Practices for a Cloud Migration
Migrate, Modernize, and Manage: Best Practices for a Cloud Migration
 
Security in the cloud
Security in the cloudSecurity in the cloud
Security in the cloud
 
Sicurezza in AWS automazione e best practice
Sicurezza in AWS automazione e best practiceSicurezza in AWS automazione e best practice
Sicurezza in AWS automazione e best practice
 
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...
 
Capital One case study: Addressing compliance and security within AWS - FND21...
Capital One case study: Addressing compliance and security within AWS - FND21...Capital One case study: Addressing compliance and security within AWS - FND21...
Capital One case study: Addressing compliance and security within AWS - FND21...
 
Building transformational business value through broad organizational engagem...
Building transformational business value through broad organizational engagem...Building transformational business value through broad organizational engagem...
Building transformational business value through broad organizational engagem...
 
Elevate_your_security_with_the_cloud
Elevate_your_security_with_the_cloudElevate_your_security_with_the_cloud
Elevate_your_security_with_the_cloud
 
Pop the hood: Using AWS resources to attest to security of the cloud - GRC310...
Pop the hood: Using AWS resources to attest to security of the cloud - GRC310...Pop the hood: Using AWS resources to attest to security of the cloud - GRC310...
Pop the hood: Using AWS resources to attest to security of the cloud - GRC310...
 
AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS Compliance
AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS ComplianceAWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS Compliance
AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS Compliance
 
Elevate your security with the cloud
Elevate your security with the cloudElevate your security with the cloud
Elevate your security with the cloud
 
Module 1: Introduction to the AWS Cloud - AWSome Day Online Conference 2019
Module 1: Introduction to the AWS Cloud - AWSome Day Online Conference 2019Module 1: Introduction to the AWS Cloud - AWSome Day Online Conference 2019
Module 1: Introduction to the AWS Cloud - AWSome Day Online Conference 2019
 
Executive Security Simulation Workshop (WPS206) - AWS re:Invent 2018
Executive Security Simulation Workshop (WPS206) - AWS re:Invent 2018Executive Security Simulation Workshop (WPS206) - AWS re:Invent 2018
Executive Security Simulation Workshop (WPS206) - AWS re:Invent 2018
 
Security Framework Shakedown: Chart Your Journey with AWS Best Practices
Security Framework Shakedown: Chart Your Journey with AWS Best PracticesSecurity Framework Shakedown: Chart Your Journey with AWS Best Practices
Security Framework Shakedown: Chart Your Journey with AWS Best Practices
 
엔터프라이즈의 효과적인 클라우드 도입을 위한 전략 및 적용 사례-신규진 프로페셔널 서비스 리드, AWS/고병률 데이터베이스 아키텍트, 삼성...
엔터프라이즈의 효과적인 클라우드 도입을 위한 전략 및 적용 사례-신규진 프로페셔널 서비스 리드, AWS/고병률 데이터베이스 아키텍트, 삼성...엔터프라이즈의 효과적인 클라우드 도입을 위한 전략 및 적용 사례-신규진 프로페셔널 서비스 리드, AWS/고병률 데이터베이스 아키텍트, 삼성...
엔터프라이즈의 효과적인 클라우드 도입을 위한 전략 및 적용 사례-신규진 프로페셔널 서비스 리드, AWS/고병률 데이터베이스 아키텍트, 삼성...
 
AWS Cloud economics
AWS Cloud economicsAWS Cloud economics
AWS Cloud economics
 

Plus de Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
AWS Cloud Security Fundamentals

  • 1. © 2019, Amazon Web Services, Inc. or its Affiliates. AWS Cloud security fundamentals Protecting financial services in the AWS Cloud Mario Vlachakis, AWS Senior Solutions Architect SIBOS 2019
  • 2. Table of Contents: AWS Cloud Infrastructure; Today’s Security & Compliance Landscape in Financial Services; The AWS Shared Responsibility Model; AWS Security Services; AWS Compliance Programs and Auditing Tools; Benefits of AWS Security & Compliance
  • 3. AWS provides a consistent global infrastructure. The AWS Cloud spans 69 Availability Zones within 22 geographic Regions around the world, with announced plans for 9 more Availability Zones and three more Regions in Cape Town, Jakarta, and Milan.
  • 4. AWS provides a consistent global infrastructure. The AWS Cloud spans 69 Availability Zones within 22 geographic Regions around the world, with announced plans for 9 more Availability Zones and three more Regions in Cape Town, Jakarta, and Milan.
  • 5. [Diagram] Sample US Region. Zoom in on an AWS Region: Availability Zone A, Availability Zone B, Availability Zone C. Zoom in on an AWS AZ (sample Availability Zone): Datacenter, Datacenter, Datacenter.
  • 6. AWS Region and Availability Zone Summary. [Diagram] Two sample Regions, each with Availability Zone A, Availability Zone B and Availability Zone C.
  • 7. Today’s Security & Compliance Landscape
  • 8. Today’s Security & Compliance Landscape. Organizations have traditionally had to make this difficult choice: Move fast OR Stay secure.
  • 9. Today’s Security & Compliance Landscape. With the rise of cloud adoption, organizations no longer have to choose: Move fast AND Stay secure.
  • 10. Today’s Security & Compliance Landscape. In its shift to the cloud, the Financial Services industry is confronting a range of familiar and emerging issues: Evolving regulatory requirements; Meeting regional requirements; Sophisticated, targeted attacks; Onerous reporting requirements; Limited specialist resources.
  • 11. The AWS Shared Responsibility Model
  • 12. The AWS Shared Responsibility Model. Security & Compliance is a shared responsibility between AWS and the customer.
  • 13. AWS Security Services
  • 14. AWS Security Services. As a customer, you inherit AWS’ security infrastructure benefits and have access to our security services and the largest network of cloud security partners. Inherit global controls; Scale with visibility & control; Highest standards (privacy & security); Industry-leading security partners; Automated security protocols.
  • 15. AWS Security Services. Pace of Innovation: AWS continues to increase service launches, feature additions, and service updates. This includes 239 security updates. [Chart, by year] 2008: 24; 2009: 48; 2010: 61; 2011: 82; 2012: 159; 2013: 280; 2014: 516; 2015: 722; 2016: 1017; 2017: 1430; 2018: 1800+.
  • 16. AWS Security Services. Categories: Identity & Access; Detective Controls; Infrastructure Security; Data Protection; Incident Response. Services, in slide order: AWS Identity & Access Management (IAM), AWS Single Sign-On, AWS Directory Service, Amazon Cognito, AWS Organizations, AWS Secrets Manager, AWS Resource Access Manager, AWS Security Hub, AWS Control Tower, Amazon GuardDuty, AWS Config, AWS CloudTrail, Amazon CloudWatch, VPC Flow Logs, AWS Systems Manager, AWS Shield, AWS WAF (Web Application Firewall), AWS Firewall Manager, Amazon Inspector, Amazon Virtual Private Cloud (VPC), AWS Key Management Service (KMS), AWS CloudHSM, AWS Certificate Manager, Amazon Macie, Server-side Encryption, AWS Config Rules, AWS Lambda.
  • 17. AWS Compliance Programs and Auditing Tools
  • 18. AWS Compliance Programs and Auditing Tools. Tools and guidance to enable compliance: Terms & Conditions; Transparency; Compliance, Security Tools & Services; Security & Continuity Assets; Deep Industry Expertise; Regulatory Engagement. Guidance and programs to help customers quickly set up robust compliance programs. Tools and assets to help customers manage audit demands. Mechanisms to advocate for and share best practices with customers.
  • 19. AWS Compliance Programs and Auditing Tools. Certifications / Attestations: ASIP HDS [France]; C5 [Germany]; Cyber Essentials Plus [UK]; DoD SRG; ENS High [Spain]; FedRAMP; FIPS; IRAP [Australia]; ISO 9001; ISO 27001; ISO 27017; ISO 27018; K-ISMS [Korea]; MTCS [Singapore]; PCI DSS Level 1; SEC Rule 17-a-4(f); SOC 1; SOC 2; SOC 3; TISAX. Laws / Regulations / Privacy: Argentina Data Privacy; CCPA; CISPE; CLOUD Act; FERPA; GDPR; GLBA; HIA [Alberta, Canada]; HIPAA; HITECH; IRS 1075; ITAR; My Number Act [Japan]; U.K. DPA - 1988; VPAT / Section 508; Privacy Act [Australia]; Privacy Act [New Zealand]; PDPA - 2010 [Malaysia]; PDPA - 2012 [Singapore]; PHIPA [Ontario, Canada]; PIPEDA [Canada]; Spanish DPA Authorization. Alignments / Frameworks: CIS; CJIS; CSA; EU-US Privacy Shield; FFIEC; FISC; FISMA; Uptime Institute Tiers; UK Cloud Security Principles; G-Cloud [UK]; GxP (FDA CFR 21 Part 11); ICREA; IT Grundschutz [Germany]; MITA 3.0; MPAA; NIST.
  • 20. AWS Compliance Programs and Auditing Tools. Ongoing engagement with regulators around the world serves two purposes: 1. To share our approach and tools: Educate regulators to help examiners audit AWS environments; Help shape the regulatory landscape to reflect changes in technology; Facilitate dialogue between the industry and its regulators. 2. To assess and explain policy: Regulatory policy evaluations to assess the potential impact of regulations; Country-by-country impact assessments to map how financial institutions need to operate; Region- and country-specific compliance guides to document key policy changes and responses. The result: The environment and feedback support our customers’ abilities to innovate with confidence.
  • 21. AWS Compliance Programs and Auditing Tools. The AWS Compliance Center is a central location to research cloud regulations in specific countries and learn about AWS Compliance programs. Visit us at http://www.atlas.aws/
  • 22. Benefits of AWS Security & Compliance
  • 23. Benefits of AWS Security & Compliance. Terms & conditions; Transparency; Compliance/security tools; Security & continuity assets; Deep industry expertise; Global regulatory engagement [AWS provides] Industry-specific contracts; Access to certifications & audit reports; Ability to perform informed control assessments; Comprehensive security & compliance monitoring; Centralized control over services [Why this matters] A clear understanding of regulatory obligations & expectations; A greater level of automation in security & compliance; Audits that are more efficient & risk-based; Rigorous & sustainable identity and access management [Benefits] Our approach reduces ambiguity and increases efficiency.
  • 24. Benefits of AWS Security & Compliance. The result: AWS is the first choice for highly regulated organizations. “We can be far more secure in the cloud and achieve a higher level of assurance at a much lower cost, in terms of effort and dollars invested. We determined that security in AWS is superior to our on-premises data center across several dimensions, including patching, encryption, auditing and logging, entitlements, and compliance.” – John Brady, CISO. Over 50 global compliance certifications and accreditations. AWS security experts; 24/7, 365 days a year. Built to meet requirements of military, global banks, and other data-sensitive organizations. Security enhancements from 1M+ customer experiences.
  • 25. Benefits of AWS Security & Compliance. The result: … as well as systemically important financial market utilities. “Cloud computing has reached the tipping point as the capabilities, resiliency and security of services provided by cloud vendors now exceed those of many on-premises data centers.” – DTCC, Moving Financial Market Infrastructure to the Cloud