SlideShare une entreprise Scribd logo

Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AWS re:Invent 2013

Amazon Web Services
Amazon Web Services

This session covers the shared responsibility model for security and compliance specific to the AWS GovCloud (US) region. This presentation highlights the enhanced security offerings of AWS GovCloud (US), such as FIPS-140 Level 2 encryption, as well as the supported compliance regimes. It also reviews how our customers can build secure applications in GovCloud using the various security features such as IAM and VPC. This presentation also offers a brief overview of FedRAMP, explains the shared responsibility model through customer use cases, and covers how customers can obtain an Authority to Operate.

TechnologieBusiness
1  sur  36
Télécharger pour lire hors ligne
SEC204 - Building Secure Applications and Navigating FedRAMP in the AWS GovCloud (US) Region CJ Moses, GM – AWS Global Cloud Solutions Chris Gile, Manager - AWS Federal Compliance Programs Jennifer Gray - Federal Cloud Lead - HHS Enterprise Cloud Architect Tom Soderstrom - CTO, Jet Propulsion Laboratory November 13, 2013 © 2013 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
AWS GovCloud (US) • The AWS Government Community Cloud for vetted U.S. Government and U.S. commercial entities with ties to U.S. Government functions and services • Built with U.S. government customers in mind and appropriate for: – – – • U.S. Government agencies – US Federal, state and local entities U.S. Government contractors, systems integrators, and FFRDCs U.S. Companies with IT regulatory requirements Designed to allow U.S. government agencies and customers to move more sensitive workloads into the cloud by addressing their specific regulatory and compliance requirements – Appropriate for Controlled Unclassified Information (CUI) or Unclassified data and workloads
AWS GovCloud (US) • Data stays in CONUS – Region located in the Pacific Northwest • Only approved AWS U.S. Persons have access to restricted areas, networks, and systems for administration • AWS managed account provisioning; each potential customer is vetted to ensure they are a U.S. entity and not prohibited or restricted from exporting or from providing services by the U.S. government • Data, Network and Machine Isolation – – – Mandatory virtual private cloud (Amazon VPC) segregation for all customers, which offers an additional layer of isolation and protection Separate, isolated credentials database (AWS IAM) FIPS 140-2 hardware for endpoints and VPN
FedRAMP Overview • FedRAMP Overview • AWS FedRAMP Program • Shared Responsibility Model & Achieving Compliance with AWS
FedRAMP Overview • OMB mandated FedRAMP compliance for government agencies using CSPs • Government-wide program standardizing CSP security assessments • Four approaches for CSPs to demonstrate compliance supporting agency needs • All FedRAMP package types in FedRAMP repository can be leveraged by USG agencies
AWS’ FedRAMP Program • Agency ATOs (2) granted by HHS May ’13 covering: – US East/West and GovCloud (US) Regions – EC2, S3, EBS, VPC, and IAM services (more on the way!) – Reviewed by HHS, CDC, NIH, & FDA – FedRAMP-accredited 3PAO assessed AWS against all 297 Moderate FedRAMP controls • Subsequent federal agency ATOs granted based on AWS FedRAMP packages – Our Agency ATOs can be leveraged by any customer
AWS’ FedRAMP Program • Request AWS FedRAMP package via FedRAMP PMO or directly from AWS • So how do you achieve compliance using the AWS FedRAMP package?
Security is a Shared Responsibility Optimized Network/OS/App Controls Service-specific Controls Managed by Customer Compliance in the Cloud Cross-service Controls Cloud Service Provider Controls Compliance of the Cloud Managed by AWS
Security is a Shared Responsibility Customer Data • Customers implement their own set of controls (shared controls) • Customers document their implementation of controls in SSP • Customers conduct 3PAO assessment • Multiple customers with Low/Mod ATOs • Customers tell us High ATOs possible • Payment Card Industry (PCI) Data Security Standard Level 1 • NIST 800-53 Controls & multiple ATOs; FedRAMP • DoD Compliant Controls and multiple DIACAP ATOs • SSAE 16 Types 1 & 2 (SAS 70) • ISO 27001/ 2 Certification • HIPAA and ITAR Compliant Users and Roles Account Management Applications Managed by Customer Firewalls Network Configuration Guest Operating System Virtualization Layer Compute Infrastructure Storage Infrastructure Network Infrastructure Managed by AWS Facilities Physical Security AWS Global Infrastructure
Useful Links & Resources • • • • • • • AWS FedRAMP Package for AWS GovCloud (US) Region AWS FedRAMP SSP Template http://aws.amazon.com/compliance http://aws.amazon.com/compliance/#whitepapers http://aws.amazon.com/compliance/fedramp-faqs http://aws.amazon.com/security http://aws.amazon.com/documentation awscompliance@amazon.com
OFFICE OF THE CHIEF INFORMATION OFFICER DEPARTMENT OF HEALTH AND HUMAN SERVICES U.S. DEPARTMENT OF HEALTH AND HUMAN SERVICES HHS Use Case Agency FedRAMP ATO Experience Jennifer Gray
Key Drivers • HHS Cloud Strategy • FedRAMP Policy Memo (OMB Policy Memo December 8, 2011) • Existing HHS Cloud Systems using AWS environment • HHS FedRAMP Standard Operating Procedures 12
Build Effective Team • OCIO Senior Leadership • HHS OIS Security Cloud Security Team • Operational Divisions (FDA, NIH, CDC, OS) • FedRAMP Program Management Office • Amazon Web Services (AWS) Risk & Compliance Team • 3PAO (Veris Group) FDA FedRAMP PMO NIH HHS OIS Cloud Security Team AWS (CSP) CDC 13
HHS FedRAMP Security Authorization Process • Agency-wide FedRAMP Standard Operating Procedures • Released by through HHS CISO • Defines how HHS will authorize cloud services to ensure they meet FedRAMP requirements 14
HHS FedRAMP AWS Authorization Process 15
AWS Achieves HHS FedRAMP ATO • FedRAMP Complete - May 20, 2013 • Worked with HHS FedRAMP Team to ensure standard process aligns with FedRAMP PMO expectations • Consistent with FedRAMP CONOPs. • Includes details about initial documentation as well as periodic updates 16
Key Lessons Learned • • • • • • Senior Management Sponsorship Merge FedRAMP process into existing security assessment and authorization processes Ensure all security artifacts are provided at least one week prior to reviews Develop full project schedule with all key stakeholders in advance Develop FAQ post ATO Collect resource metrics for future planning 17
SEC204 - Building Secure Applications and Navigating FedRAMP in the AWS GovCloud (US) Region Tom Soderstrom, Jet Propulsion Laboratory November 13, 2013 © 2013 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
Agenda 1. JPL’s Journey 2. JPL’s Results 3. JPL’s Future
1. JPL’s Journey
Why Cloud Computing? Increased demand for IT. Cloud computing promised: • Additional, powerful options for IT • Increased compute and storage capability • Faster speed to market • Lowering unit IT costs • One size does not have to fit all • Computing as secure as we have today • Needed ITAR-certified cloud computing
22 Flicker by WSDOT
23
2. JPL’s Results
JPL used Cloud Computing for Outreach… and beyond Microsoft
JPL used cloud computing for mission critical operations
… but ITAR approval took a while, producing separate ATOs for FISMA Moderate and ITAR
AWS GovCloud ATO (US Persons Only)           Accountable (CIO) Letter of intent and compliance by JPL IT CTO Concurrence by JPL IT Security and Infrastructure Concurrence by NASA OCIO Concurrence by Caltech Audit Concurrence by NASA Office of Inspector General Concurrence by JPL and NASA Export Control Office Concurrence by Caltech/JPL Legal Concurrence by additional key stakeholders Adheres to JPL’s standard Policies and Procedures
Full 360 degree view Quarterly reviews Enables usage Continuous awareness
AWS GovCloud ATO (US Persons Only)           Accountable (CIO) Letter of intent and compliance by JPL IT CTO Concurrence by JPL IT Security and Infrastructure Concurrence by NASA OCIO Concurrence by Caltech Audit Concurrence by NASA Office of Inspector General Concurrence by JPL and NASA Export Control Office Concurrence by Caltech/JPL Legal Concurrence by additional key stakeholders Adheres to JPL’s standard Policies and Procedures
AWS GovCloud Use Cases So Far       Radar Processing (large scale) Virtual Workshops Big Data analytics of JPL sensitive data Storage and processing of Mars Exploration Rovers data Rapid prototyping when some data is sensitive User: “If it can handle ITAR, I don’t have to separate the data, so I’ll get started now”  Cyber Security: “I can use my normal tools”  JPL wants Glacier next
Amazon Glacier Total Cost Comparison DR Use Case Storage and Retrieval Costs Over 10 years Glacier total costs $ S3 total costs SDSC total costs JPL Private Cloud total costs Denver total costs 1 2 3 4 5 6 Storage Years 7 8 9 10
3. JPL’s Future
MoonTours App shows new cloud-enabled architecture : Devices + Data + Processing + Clouds
Please give us your feedback on this presentation SEC204 As a thank you, we will select prize winners daily for completed surveys!

Recommandé

Architecting for Greater Security on AWS
Architecting for Greater Security on AWSArchitecting for Greater Security on AWS
Architecting for Greater Security on AWSAmazon Web Services
 
What's (nearly) new | AWS Security Roadshow
What's (nearly) new | AWS Security RoadshowWhat's (nearly) new | AWS Security Roadshow
What's (nearly) new | AWS Security RoadshowAmazon Web Services
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAmazon Web Services
 
How Serverless Computing Enables Microservices and Micropayment 
How Serverless Computing Enables Microservices and Micropayment  How Serverless Computing Enables Microservices and Micropayment 
How Serverless Computing Enables Microservices and Micropayment  Amazon Web Services
 
(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive Scale(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive ScaleAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
AWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAmazon Web Services
 

Recommandé

Architecting for Greater Security on AWS
Architecting for Greater Security on AWSArchitecting for Greater Security on AWS
Architecting for Greater Security on AWSAmazon Web Services
 
What's (nearly) new | AWS Security Roadshow
What's (nearly) new | AWS Security RoadshowWhat's (nearly) new | AWS Security Roadshow
What's (nearly) new | AWS Security RoadshowAmazon Web Services
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAmazon Web Services
 
How Serverless Computing Enables Microservices and Micropayment 
How Serverless Computing Enables Microservices and Micropayment  How Serverless Computing Enables Microservices and Micropayment 
How Serverless Computing Enables Microservices and Micropayment  Amazon Web Services
 
(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive Scale(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive ScaleAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
AWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAmazon Web Services
 
AWS Security for Financial Services
AWS Security for Financial ServicesAWS Security for Financial Services
AWS Security for Financial ServicesAmazon Web Services
 
Successful Cloud Adoption for the Enterprise. Not If. When.
Successful Cloud Adoption for the Enterprise. Not If. When.Successful Cloud Adoption for the Enterprise. Not If. When.
Successful Cloud Adoption for the Enterprise. Not If. When.Amazon Web Services
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud Amazon Web Services
 
Integrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSIntegrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSAmazon Web Services
 
(SEC301) Strategies for Protecting Data Using Encryption in AWS
(SEC301) Strategies for Protecting Data Using Encryption in AWS(SEC301) Strategies for Protecting Data Using Encryption in AWS
(SEC301) Strategies for Protecting Data Using Encryption in AWSAmazon Web Services
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
 
Compliance In The Cloud Using Security By Design
Compliance In The Cloud Using Security By DesignCompliance In The Cloud Using Security By Design
Compliance In The Cloud Using Security By DesignAmazon Web Services
 
AWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAmazon Web Services
 
Getting started with aws security toronto rs
Getting started with aws security toronto rsGetting started with aws security toronto rs
Getting started with aws security toronto rsAmazon Web Services
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: SecurityAmazon Web Services
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: SecurityAmazon Web Services
 
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit... Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...Amazon Web Services
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Amazon Web Services
 
Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals Christopher Caplan
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...Amazon Web Services
 
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Amazon Web Services
 
Updating Security Operations For The Cloud
Updating Security Operations For The CloudUpdating Security Operations For The Cloud
Updating Security Operations For The CloudMark Nunnikhoven
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0Amazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityLalitMohanSharma8
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWSPolarSeven Pty Ltd
 
AWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAmazon Web Services
 
(SEC204) AWS GovCloud (US): Not Just for Govies
(SEC204) AWS GovCloud (US): Not Just for Govies(SEC204) AWS GovCloud (US): Not Just for Govies
(SEC204) AWS GovCloud (US): Not Just for GoviesAmazon Web Services
 

Contenu connexe

Tendances

AWS Security for Financial Services
AWS Security for Financial ServicesAWS Security for Financial Services
AWS Security for Financial ServicesAmazon Web Services
 
Successful Cloud Adoption for the Enterprise. Not If. When.
Successful Cloud Adoption for the Enterprise. Not If. When.Successful Cloud Adoption for the Enterprise. Not If. When.
Successful Cloud Adoption for the Enterprise. Not If. When.Amazon Web Services
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud Amazon Web Services
 
Integrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSIntegrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSAmazon Web Services
 
(SEC301) Strategies for Protecting Data Using Encryption in AWS
(SEC301) Strategies for Protecting Data Using Encryption in AWS(SEC301) Strategies for Protecting Data Using Encryption in AWS
(SEC301) Strategies for Protecting Data Using Encryption in AWSAmazon Web Services
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
 
Compliance In The Cloud Using Security By Design
Compliance In The Cloud Using Security By DesignCompliance In The Cloud Using Security By Design
Compliance In The Cloud Using Security By DesignAmazon Web Services
 
AWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAmazon Web Services
 
Getting started with aws security toronto rs
Getting started with aws security toronto rsGetting started with aws security toronto rs
Getting started with aws security toronto rsAmazon Web Services
 
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit... Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...Amazon Web Services
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Amazon Web Services
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...Amazon Web Services
 
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Amazon Web Services
 
Updating Security Operations For The Cloud
Updating Security Operations For The CloudUpdating Security Operations For The Cloud
Updating Security Operations For The CloudMark Nunnikhoven
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0Amazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityLalitMohanSharma8
 

Tendances (20)

AWS Security for Financial Services
AWS Security for Financial ServicesAWS Security for Financial Services
AWS Security for Financial Services
 
Successful Cloud Adoption for the Enterprise. Not If. When.
Successful Cloud Adoption for the Enterprise. Not If. When.Successful Cloud Adoption for the Enterprise. Not If. When.
Successful Cloud Adoption for the Enterprise. Not If. When.
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud
 
Integrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSIntegrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWS
 
(SEC301) Strategies for Protecting Data Using Encryption in AWS
(SEC301) Strategies for Protecting Data Using Encryption in AWS(SEC301) Strategies for Protecting Data Using Encryption in AWS
(SEC301) Strategies for Protecting Data Using Encryption in AWS
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS Security
 
Compliance In The Cloud Using Security By Design
Compliance In The Cloud Using Security By DesignCompliance In The Cloud Using Security By Design
Compliance In The Cloud Using Security By Design
 
AWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program Overview
 
Getting started with aws security toronto rs
Getting started with aws security toronto rsGetting started with aws security toronto rs
Getting started with aws security toronto rs
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: Security
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: Security
 
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit... Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
 
Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
 
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
 
Updating Security Operations For The Cloud
Updating Security Operations For The CloudUpdating Security Operations For The Cloud
Updating Security Operations For The Cloud
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWS
 

En vedette

AWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAmazon Web Services
 
(SEC204) AWS GovCloud (US): Not Just for Govies
(SEC204) AWS GovCloud (US): Not Just for Govies(SEC204) AWS GovCloud (US): Not Just for Govies
(SEC204) AWS GovCloud (US): Not Just for GoviesAmazon Web Services
 
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C. Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Amazon Web Services
 
CSRA’s Migration to AWS GovCloud (US): An All-In Case Study | AWS Public Sect...
CSRA’s Migration to AWS GovCloud (US): An All-In Case Study | AWS Public Sect...CSRA’s Migration to AWS GovCloud (US): An All-In Case Study | AWS Public Sect...
CSRA’s Migration to AWS GovCloud (US): An All-In Case Study | AWS Public Sect...Amazon Web Services
 
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...Amazon Web Services
 
FedRAMP CSP SSP Training
FedRAMP CSP SSP TrainingFedRAMP CSP SSP Training
FedRAMP CSP SSP Training1ECG
 
Deploying a Disaster Recovery Site on AWS: Minimal Cost with Maximum Efficiency
Deploying a Disaster Recovery Site on AWS: Minimal Cost with Maximum EfficiencyDeploying a Disaster Recovery Site on AWS: Minimal Cost with Maximum Efficiency
Deploying a Disaster Recovery Site on AWS: Minimal Cost with Maximum EfficiencyAmazon Web Services
 
AWS Summit Auckland 2014 | Black Belt Tips on AWS
AWS Summit Auckland 2014 | Black Belt Tips on AWS AWS Summit Auckland 2014 | Black Belt Tips on AWS
AWS Summit Auckland 2014 | Black Belt Tips on AWS Amazon Web Services
 
Wild rydes serverless website workshop
Wild rydes serverless website workshopWild rydes serverless website workshop
Wild rydes serverless website workshopAmazon Web Services
 
Zombie Apocalypse Workshop by Warren Santer and Kyle Somers, Solutions Archit...
Zombie Apocalypse Workshop by Warren Santer and Kyle Somers, Solutions Archit...Zombie Apocalypse Workshop by Warren Santer and Kyle Somers, Solutions Archit...
Zombie Apocalypse Workshop by Warren Santer and Kyle Somers, Solutions Archit...Amazon Web Services
 
AWS Summit Auckland 2014 | Managing the Pace of Innovation: Behind the Scenes...
AWS Summit Auckland 2014 | Managing the Pace of Innovation: Behind the Scenes...AWS Summit Auckland 2014 | Managing the Pace of Innovation: Behind the Scenes...
AWS Summit Auckland 2014 | Managing the Pace of Innovation: Behind the Scenes...Amazon Web Services
 
Customer Sharing: HTC - What is in AWS Cloud for me?
Customer Sharing: HTC - What is in AWS Cloud for me?Customer Sharing: HTC - What is in AWS Cloud for me?
Customer Sharing: HTC - What is in AWS Cloud for me?Amazon Web Services
 
Argus media & amazon cloud search
Argus media & amazon cloud searchArgus media & amazon cloud search
Argus media & amazon cloud searchAmazon Web Services
 
Customer Sharing: Trend Micro - Analytic Engine - A common Big Data computati...
Customer Sharing: Trend Micro - Analytic Engine - A common Big Data computati...Customer Sharing: Trend Micro - Analytic Engine - A common Big Data computati...
Customer Sharing: Trend Micro - Analytic Engine - A common Big Data computati...Amazon Web Services
 
AWS Webcast - AWS Webinar Series for Education #2 - Getting Started with AWS
AWS Webcast - AWS Webinar Series for Education #2 - Getting Started with AWSAWS Webcast - AWS Webinar Series for Education #2 - Getting Started with AWS
AWS Webcast - AWS Webinar Series for Education #2 - Getting Started with AWSAmazon Web Services
 
AWS Enterprise Summit London | AWS as an Agile Enabler at The Co-operative
AWS Enterprise Summit London | AWS as an Agile Enabler at The Co-operativeAWS Enterprise Summit London | AWS as an Agile Enabler at The Co-operative
AWS Enterprise Summit London | AWS as an Agile Enabler at The Co-operativeAmazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 

En vedette (20)

AWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into Compliance
 
(SEC204) AWS GovCloud (US): Not Just for Govies
(SEC204) AWS GovCloud (US): Not Just for Govies(SEC204) AWS GovCloud (US): Not Just for Govies
(SEC204) AWS GovCloud (US): Not Just for Govies
 
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C. Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
 
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
 
CSRA’s Migration to AWS GovCloud (US): An All-In Case Study | AWS Public Sect...
CSRA’s Migration to AWS GovCloud (US): An All-In Case Study | AWS Public Sect...CSRA’s Migration to AWS GovCloud (US): An All-In Case Study | AWS Public Sect...
CSRA’s Migration to AWS GovCloud (US): An All-In Case Study | AWS Public Sect...
 
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
 
FedRAMP CSP SSP Training
FedRAMP CSP SSP TrainingFedRAMP CSP SSP Training
FedRAMP CSP SSP Training
 
Deploying a Disaster Recovery Site on AWS: Minimal Cost with Maximum Efficiency
Deploying a Disaster Recovery Site on AWS: Minimal Cost with Maximum EfficiencyDeploying a Disaster Recovery Site on AWS: Minimal Cost with Maximum Efficiency
Deploying a Disaster Recovery Site on AWS: Minimal Cost with Maximum Efficiency
 
AWS Summit Auckland 2014 | Black Belt Tips on AWS
AWS Summit Auckland 2014 | Black Belt Tips on AWS AWS Summit Auckland 2014 | Black Belt Tips on AWS
AWS Summit Auckland 2014 | Black Belt Tips on AWS
 
Wild rydes serverless website workshop
Wild rydes serverless website workshopWild rydes serverless website workshop
Wild rydes serverless website workshop
 
Zombie Apocalypse Workshop by Warren Santer and Kyle Somers, Solutions Archit...
Zombie Apocalypse Workshop by Warren Santer and Kyle Somers, Solutions Archit...Zombie Apocalypse Workshop by Warren Santer and Kyle Somers, Solutions Archit...
Zombie Apocalypse Workshop by Warren Santer and Kyle Somers, Solutions Archit...
 
Scmp aws digitalmedia_2013
Scmp aws digitalmedia_2013Scmp aws digitalmedia_2013
Scmp aws digitalmedia_2013
 
AWS Summit Auckland 2014 | Managing the Pace of Innovation: Behind the Scenes...
AWS Summit Auckland 2014 | Managing the Pace of Innovation: Behind the Scenes...AWS Summit Auckland 2014 | Managing the Pace of Innovation: Behind the Scenes...
AWS Summit Auckland 2014 | Managing the Pace of Innovation: Behind the Scenes...
 
Customer Sharing: HTC - What is in AWS Cloud for me?
Customer Sharing: HTC - What is in AWS Cloud for me?Customer Sharing: HTC - What is in AWS Cloud for me?
Customer Sharing: HTC - What is in AWS Cloud for me?
 
Cost Optimization at Scale
Cost Optimization at ScaleCost Optimization at Scale
Cost Optimization at Scale
 
Argus media & amazon cloud search
Argus media & amazon cloud searchArgus media & amazon cloud search
Argus media & amazon cloud search
 
Customer Sharing: Trend Micro - Analytic Engine - A common Big Data computati...
Customer Sharing: Trend Micro - Analytic Engine - A common Big Data computati...Customer Sharing: Trend Micro - Analytic Engine - A common Big Data computati...
Customer Sharing: Trend Micro - Analytic Engine - A common Big Data computati...
 
AWS Webcast - AWS Webinar Series for Education #2 - Getting Started with AWS
AWS Webcast - AWS Webinar Series for Education #2 - Getting Started with AWSAWS Webcast - AWS Webinar Series for Education #2 - Getting Started with AWS
AWS Webcast - AWS Webinar Series for Education #2 - Getting Started with AWS
 
AWS Enterprise Summit London | AWS as an Agile Enabler at The Co-operative
AWS Enterprise Summit London | AWS as an Agile Enabler at The Co-operativeAWS Enterprise Summit London | AWS as an Agile Enabler at The Co-operative
AWS Enterprise Summit London | AWS as an Agile Enabler at The Co-operative
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 

Similaire à Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AWS re:Invent 2013

Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...
Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...
Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...Amazon Web Services
 
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...Amazon Web Services
 
How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)Amazon Web Services
 
FedRAMP High & AWS GovCloud (US): FISMA High Requirements
FedRAMP High & AWS GovCloud (US): FISMA High RequirementsFedRAMP High & AWS GovCloud (US): FISMA High Requirements
FedRAMP High & AWS GovCloud (US): FISMA High RequirementsAmazon Web Services
 
Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나 Moving Core B...
Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나 Moving Core B...Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나 Moving Core B...
Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나 Moving Core B...Amazon Web Services Korea
 
Federal Webinar: Application monitoring for on-premises, hybrid, and multi-cl...
Federal Webinar: Application monitoring for on-premises, hybrid, and multi-cl...Federal Webinar: Application monitoring for on-premises, hybrid, and multi-cl...
Federal Webinar: Application monitoring for on-premises, hybrid, and multi-cl...SolarWinds
 
Applying systems thinking to AWS enterprise application migration
Applying systems thinking to AWS enterprise application migrationApplying systems thinking to AWS enterprise application migration
Applying systems thinking to AWS enterprise application migrationKacy Clarke
 
Mythbusting the Federal Cloud Journey
Mythbusting the Federal Cloud JourneyMythbusting the Federal Cloud Journey
Mythbusting the Federal Cloud JourneyAmazon Web Services
 
How to Effectively Plan for Disaster Recovery on AWS (CMP204-S) - AWS re:Inve...
How to Effectively Plan for Disaster Recovery on AWS (CMP204-S) - AWS re:Inve...How to Effectively Plan for Disaster Recovery on AWS (CMP204-S) - AWS re:Inve...
How to Effectively Plan for Disaster Recovery on AWS (CMP204-S) - AWS re:Inve...Amazon Web Services
 
AWS Procuring Services for Public Sector - Peterson
AWS Procuring Services for Public Sector - PetersonAWS Procuring Services for Public Sector - Peterson
AWS Procuring Services for Public Sector - PetersonAmazon Web Services
 
WPS205_Is AWS GovCloud Right for your Regulated Workload
WPS205_Is AWS GovCloud Right for your Regulated WorkloadWPS205_Is AWS GovCloud Right for your Regulated Workload
WPS205_Is AWS GovCloud Right for your Regulated WorkloadAmazon Web Services
 
Critical Considerations for Moving Your Core Business Applications to the Clo...
Critical Considerations for Moving Your Core Business Applications to the Clo...Critical Considerations for Moving Your Core Business Applications to the Clo...
Critical Considerations for Moving Your Core Business Applications to the Clo...Amazon Web Services
 
Adaptive Cloud Security: Game-Changing Cloud Security and Compliance Automati...
Adaptive Cloud Security: Game-Changing Cloud Security and Compliance Automati...Adaptive Cloud Security: Game-Changing Cloud Security and Compliance Automati...
Adaptive Cloud Security: Game-Changing Cloud Security and Compliance Automati...Amazon Web Services
 
Getting Started with Amazon Enterprise Applications
Getting Started with Amazon Enterprise ApplicationsGetting Started with Amazon Enterprise Applications
Getting Started with Amazon Enterprise ApplicationsAmazon Web Services
 
Cloud Use Cases And Standards
Cloud Use Cases And StandardsCloud Use Cases And Standards
Cloud Use Cases And StandardsGovCloud Network
 
FedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP MarketplaceFedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP MarketplaceControlCase
 
The System Administrator Role in the Cloud Era: Better Than Ever (ENT212) | A...
The System Administrator Role in the Cloud Era: Better Than Ever (ENT212) | A...The System Administrator Role in the Cloud Era: Better Than Ever (ENT212) | A...
The System Administrator Role in the Cloud Era: Better Than Ever (ENT212) | A...Amazon Web Services
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPFaiza Mehar
 
The Quest for Continuous ATO: A Case Study Featuring the US Intelligence Comm...
The Quest for Continuous ATO: A Case Study Featuring the US Intelligence Comm...The Quest for Continuous ATO: A Case Study Featuring the US Intelligence Comm...
The Quest for Continuous ATO: A Case Study Featuring the US Intelligence Comm...Amazon Web Services
 

Similaire à Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AWS re:Invent 2013 (20)

Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...
Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...
Is AWS GovCloud (US) Right for Your Regulated Workload? | AWS Public Sector S...
 
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
 
How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)
 
FedRAMP High & AWS GovCloud (US): FISMA High Requirements
FedRAMP High & AWS GovCloud (US): FISMA High RequirementsFedRAMP High & AWS GovCloud (US): FISMA High Requirements
FedRAMP High & AWS GovCloud (US): FISMA High Requirements
 
Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나 Moving Core B...
Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나 Moving Core B...Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나 Moving Core B...
Moving Core Business to the Cloud -이덕성 대표 :: AWS 파트너 테크시프트 세미나 Moving Core B...
 
Federal Webinar: Application monitoring for on-premises, hybrid, and multi-cl...
Federal Webinar: Application monitoring for on-premises, hybrid, and multi-cl...Federal Webinar: Application monitoring for on-premises, hybrid, and multi-cl...
Federal Webinar: Application monitoring for on-premises, hybrid, and multi-cl...
 
Applying systems thinking to AWS enterprise application migration
Applying systems thinking to AWS enterprise application migrationApplying systems thinking to AWS enterprise application migration
Applying systems thinking to AWS enterprise application migration
 
Mythbusting the Federal Cloud Journey
Mythbusting the Federal Cloud JourneyMythbusting the Federal Cloud Journey
Mythbusting the Federal Cloud Journey
 
How to Effectively Plan for Disaster Recovery on AWS (CMP204-S) - AWS re:Inve...
How to Effectively Plan for Disaster Recovery on AWS (CMP204-S) - AWS re:Inve...How to Effectively Plan for Disaster Recovery on AWS (CMP204-S) - AWS re:Inve...
How to Effectively Plan for Disaster Recovery on AWS (CMP204-S) - AWS re:Inve...
 
AWS Procuring Services for Public Sector - Peterson
AWS Procuring Services for Public Sector - PetersonAWS Procuring Services for Public Sector - Peterson
AWS Procuring Services for Public Sector - Peterson
 
Cloud Computing Opportunities in the Goverment Military Sectors
Cloud Computing Opportunities in the Goverment Military SectorsCloud Computing Opportunities in the Goverment Military Sectors
Cloud Computing Opportunities in the Goverment Military Sectors
 
WPS205_Is AWS GovCloud Right for your Regulated Workload
WPS205_Is AWS GovCloud Right for your Regulated WorkloadWPS205_Is AWS GovCloud Right for your Regulated Workload
WPS205_Is AWS GovCloud Right for your Regulated Workload
 
Critical Considerations for Moving Your Core Business Applications to the Clo...
Critical Considerations for Moving Your Core Business Applications to the Clo...Critical Considerations for Moving Your Core Business Applications to the Clo...
Critical Considerations for Moving Your Core Business Applications to the Clo...
 
Adaptive Cloud Security: Game-Changing Cloud Security and Compliance Automati...
Adaptive Cloud Security: Game-Changing Cloud Security and Compliance Automati...Adaptive Cloud Security: Game-Changing Cloud Security and Compliance Automati...
Adaptive Cloud Security: Game-Changing Cloud Security and Compliance Automati...
 
Getting Started with Amazon Enterprise Applications
Getting Started with Amazon Enterprise ApplicationsGetting Started with Amazon Enterprise Applications
Getting Started with Amazon Enterprise Applications
 
Cloud Use Cases And Standards
Cloud Use Cases And StandardsCloud Use Cases And Standards
Cloud Use Cases And Standards
 
FedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP MarketplaceFedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP Marketplace
 
The System Administrator Role in the Cloud Era: Better Than Ever (ENT212) | A...
The System Administrator Role in the Cloud Era: Better Than Ever (ENT212) | A...The System Administrator Role in the Cloud Era: Better Than Ever (ENT212) | A...
The System Administrator Role in the Cloud Era: Better Than Ever (ENT212) | A...
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCP
 
The Quest for Continuous ATO: A Case Study Featuring the US Intelligence Comm...
The Quest for Continuous ATO: A Case Study Featuring the US Intelligence Comm...The Quest for Continuous ATO: A Case Study Featuring the US Intelligence Comm...
The Quest for Continuous ATO: A Case Study Featuring the US Intelligence Comm...
 

Plus de Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Plus de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Dernier

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 

Dernier (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 

Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AWS re:Invent 2013

  • 1. SEC204 - Building Secure Applications and Navigating FedRAMP in the AWS GovCloud (US) Region CJ Moses, GM – AWS Global Cloud Solutions Chris Gile, Manager - AWS Federal Compliance Programs Jennifer Gray - Federal Cloud Lead - HHS Enterprise Cloud Architect Tom Soderstrom - CTO, Jet Propulsion Laboratory November 13, 2013 © 2013 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
  • 2. AWS GovCloud (US) • The AWS Government Community Cloud for vetted U.S. Government and U.S. commercial entities with ties to U.S. Government functions and services • Built with U.S. government customers in mind and appropriate for: – – – • U.S. Government agencies – US Federal, state and local entities U.S. Government contractors, systems integrators, and FFRDCs U.S. Companies with IT regulatory requirements Designed to allow U.S. government agencies and customers to move more sensitive workloads into the cloud by addressing their specific regulatory and compliance requirements – Appropriate for Controlled Unclassified Information (CUI) or Unclassified data and workloads
  • 3. AWS GovCloud (US) • Data stays in CONUS – Region located in the Pacific Northwest • Only approved AWS U.S. Persons have access to restricted areas, networks, and systems for administration • AWS managed account provisioning; each potential customer is vetted to ensure they are a U.S. entity and not prohibited or restricted from exporting or from providing services by the U.S. government • Data, Network and Machine Isolation – – – Mandatory virtual private cloud (Amazon VPC) segregation for all customers, which offers an additional layer of isolation and protection Separate, isolated credentials database (AWS IAM) FIPS 140-2 hardware for endpoints and VPN
  • 4. FedRAMP Overview • FedRAMP Overview • AWS FedRAMP Program • Shared Responsibility Model & Achieving Compliance with AWS
  • 5. FedRAMP Overview • OMB mandated FedRAMP compliance for government agencies using CSPs • Government-wide program standardizing CSP security assessments • Four approaches for CSPs to demonstrate compliance supporting agency needs • All FedRAMP package types in FedRAMP repository can be leveraged by USG agencies
  • 6. AWS’ FedRAMP Program • Agency ATOs (2) granted by HHS May ’13 covering: – US East/West and GovCloud (US) Regions – EC2, S3, EBS, VPC, and IAM services (more on the way!) – Reviewed by HHS, CDC, NIH, & FDA – FedRAMP-accredited 3PAO assessed AWS against all 297 Moderate FedRAMP controls • Subsequent federal agency ATOs granted based on AWS FedRAMP packages – Our Agency ATOs can be leveraged by any customer
  • 7. AWS’ FedRAMP Program • Request AWS FedRAMP package via FedRAMP PMO or directly from AWS • So how do you achieve compliance using the AWS FedRAMP package?
  • 8. Security is a Shared Responsibility Optimized Network/OS/App Controls Service-specific Controls Managed by Customer Compliance in the Cloud Cross-service Controls Cloud Service Provider Controls Compliance of the Cloud Managed by AWS
  • 9. Security is a Shared Responsibility Customer Data • Customers implement their own set of controls (shared controls) • Customers document their implementation of controls in SSP • Customers conduct 3PAO assessment • Multiple customers with Low/Mod ATOs • Customers tell us High ATOs possible • Payment Card Industry (PCI) Data Security Standard Level 1 • NIST 800-53 Controls & multiple ATOs; FedRAMP • DoD Compliant Controls and multiple DIACAP ATOs • SSAE 16 Types 1 & 2 (SAS 70) • ISO 27001/ 2 Certification • HIPAA and ITAR Compliant Users and Roles Account Management Applications Managed by Customer Firewalls Network Configuration Guest Operating System Virtualization Layer Compute Infrastructure Storage Infrastructure Network Infrastructure Managed by AWS Facilities Physical Security AWS Global Infrastructure
  • 10. Useful Links & Resources • • • • • • • AWS FedRAMP Package for AWS GovCloud (US) Region AWS FedRAMP SSP Template http://aws.amazon.com/compliance http://aws.amazon.com/compliance/#whitepapers http://aws.amazon.com/compliance/fedramp-faqs http://aws.amazon.com/security http://aws.amazon.com/documentation awscompliance@amazon.com
  • 11. OFFICE OF THE CHIEF INFORMATION OFFICER DEPARTMENT OF HEALTH AND HUMAN SERVICES U.S. DEPARTMENT OF HEALTH AND HUMAN SERVICES HHS Use Case Agency FedRAMP ATO Experience Jennifer Gray
  • 12. Key Drivers • HHS Cloud Strategy • FedRAMP Policy Memo (OMB Policy Memo December 8, 2011) • Existing HHS Cloud Systems using AWS environment • HHS FedRAMP Standard Operating Procedures 12
  • 13. Build Effective Team • OCIO Senior Leadership • HHS OIS Security Cloud Security Team • Operational Divisions (FDA, NIH, CDC, OS) • FedRAMP Program Management Office • Amazon Web Services (AWS) Risk & Compliance Team • 3PAO (Veris Group) FDA FedRAMP PMO NIH HHS OIS Cloud Security Team AWS (CSP) CDC 13
  • 14. HHS FedRAMP Security Authorization Process • Agency-wide FedRAMP Standard Operating Procedures • Released by through HHS CISO • Defines how HHS will authorize cloud services to ensure they meet FedRAMP requirements 14
  • 15. HHS FedRAMP AWS Authorization Process 15
  • 16. AWS Achieves HHS FedRAMP ATO • FedRAMP Complete - May 20, 2013 • Worked with HHS FedRAMP Team to ensure standard process aligns with FedRAMP PMO expectations • Consistent with FedRAMP CONOPs. • Includes details about initial documentation as well as periodic updates 16
  • 17. Key Lessons Learned • • • • • • Senior Management Sponsorship Merge FedRAMP process into existing security assessment and authorization processes Ensure all security artifacts are provided at least one week prior to reviews Develop full project schedule with all key stakeholders in advance Develop FAQ post ATO Collect resource metrics for future planning 17
  • 18. SEC204 - Building Secure Applications and Navigating FedRAMP in the AWS GovCloud (US) Region Tom Soderstrom, Jet Propulsion Laboratory November 13, 2013 © 2013 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
  • 19. Agenda 1. JPL’s Journey 2. JPL’s Results 3. JPL’s Future
  • 21. Why Cloud Computing? Increased demand for IT. Cloud computing promised: • Additional, powerful options for IT • Increased compute and storage capability • Faster speed to market • Lowering unit IT costs • One size does not have to fit all • Computing as secure as we have today • Needed ITAR-certified cloud computing
  • 23. 23
  • 25. JPL used Cloud Computing for Outreach… and beyond Microsoft
  • 27. … but ITAR approval took a while, producing separate ATOs for FISMA Moderate and ITAR
  • 28. AWS GovCloud ATO (US Persons Only)           Accountable (CIO) Letter of intent and compliance by JPL IT CTO Concurrence by JPL IT Security and Infrastructure Concurrence by NASA OCIO Concurrence by Caltech Audit Concurrence by NASA Office of Inspector General Concurrence by JPL and NASA Export Control Office Concurrence by Caltech/JPL Legal Concurrence by additional key stakeholders Adheres to JPL’s standard Policies and Procedures
  • 29. Full 360 degree view Quarterly reviews Enables usage Continuous awareness
  • 30. AWS GovCloud ATO (US Persons Only)           Accountable (CIO) Letter of intent and compliance by JPL IT CTO Concurrence by JPL IT Security and Infrastructure Concurrence by NASA OCIO Concurrence by Caltech Audit Concurrence by NASA Office of Inspector General Concurrence by JPL and NASA Export Control Office Concurrence by Caltech/JPL Legal Concurrence by additional key stakeholders Adheres to JPL’s standard Policies and Procedures
  • 31. AWS GovCloud Use Cases So Far       Radar Processing (large scale) Virtual Workshops Big Data analytics of JPL sensitive data Storage and processing of Mars Exploration Rovers data Rapid prototyping when some data is sensitive User: “If it can handle ITAR, I don’t have to separate the data, so I’ll get started now”  Cyber Security: “I can use my normal tools”  JPL wants Glacier next
  • 32. Amazon Glacier Total Cost Comparison DR Use Case Storage and Retrieval Costs Over 10 years Glacier total costs $ S3 total costs SDSC total costs JPL Private Cloud total costs Denver total costs 1 2 3 4 5 6 Storage Years 7 8 9 10
  • 34.
  • 35. MoonTours App shows new cloud-enabled architecture : Devices + Data + Processing + Clouds
  • 36. Please give us your feedback on this presentation SEC204 As a thank you, we will select prize winners daily for completed surveys!