©  2016,  Amazon  Web  Services,  Inc.  or  its  Affiliates.  All  rights  reserved.
Matthew  Jobson  – Account  Manager,  AWS
Ben  Chung  – Head  of  Security  Assurance,  AWS
Brett  Knuth  – Security  Manager,  Healthdirect Australia
April  2016
Security  &  Compliance
Most  Commonly  Asked  Questions
Technical  101
Quote – Capital One
“The financial service industry attracts some of the worst cyber criminals. We worked closely with AWS to develop a security model that we believe enables us to operate more securely in the public cloud than we can in our own data centers.”
Rob Alexander
CIO, Capital One
Why  is  Security  Your #1  Priority?
Because  it’s  important,  and  it’s  hard
Security  is  Job  Zero
Familiar Security Model
Validated and Certified by Independent Auditors
PEOPLE  &  PROCESS
SYSTEM
NETWORK
PHYSICAL
Benefits  All  Customers
Rapid  Pace  of  Innovation
[Chart: x-axis years 2009 to 2015; data labels shown include 48, 82, 159 and 722]
Our Virtuous Cycle
• New Features
• Customer Feedback
• Scale
• New Customers
Where  is  My  Data?
You  decide!
Data  Ownership
• You choose where to place your data
• AWS regions are geographically isolated by design
• Data is not replicated to other AWS regions and doesn’t move unless you tell us to do so
• You always own your data, the ability to encrypt it, move it and delete it
Where  Can  I  Place  My  Data?
Region
Edge  Location
12 Regions
32 Availability  Zones
54 Edge  Locations
What  is  a  Region?
AWS  Region
Availability Zone
Availability Zone
Availability Zone
Region
Edge  Location
What  is  an  Availability  Zone?
Data  Center Data  Center
Data  Center Data  Center
Availability  Zone
Availability Zone A
Availability Zone B
Availability Zone C
Sample  Region
~  Data  Center
Example  AWS  Data  Center
Data  Center
Availability  Zone
What  about  Physical  Security?
How  do  we  Manage  the  Disks?
How  do  we  Securely  Dispose  of  Disks?
This To  This
Does  AWS  look  after  Security  for  Me?
Yes,  and  No!  It’s  a  Shared  Responsibility
Shared  Responsibility
Customers: Customers have their choice of security configurations IN the Cloud
• Customer Content
• Platform, Applications, Identity & Access Management
• Operating System, Network, & Firewall Configuration
• Client-side Data Encryption
• Server-side Data Encryption
• Network Traffic Protection
AWS: AWS is responsible for the security OF the Cloud
• AWS Foundation Services: Compute, Storage, Database, Networking
• AWS Global Infrastructure: Regions, Availability Zones, Edge Locations
Classification
Security  Policy
Customer  Provided  and  Managed  Controls
Encryption
Governance
ITDaM
ITSM
Monitoring
Operations
Malware
Risk Management
You  Control  how  you  Manage  your  Own  Risks
AWS  Managed  and  Audited  Controls
SOC 1, SOC 2, PCI-DSS, NIST 800-53, ISO 27001
AWS Provided, Customer Configured and Managed Controls
Virtual Private Cloud, Key Management, Logging, Other AWS features and services
Customer Risk Appetite and Desired Control Environment
Business Risks, Sourcing Risks, Technology Risks, Security Risks, Compliance
AWS
Customers
Audits,  Accreditations  &  Certifications
How  can  AWS  help  me  be  Secure?
…remember  that  Virtuous  Cycle?
AWS WAF
Network Security
Amazon VPC
Identity Management & Access Control
AWS IAM
MFA
AWS Security Token Service
Key Management & Encryption
AWS KMS
AWS CloudHSM
ACM
Monitoring, Logging & Auditing
AWS CloudTrail
AWS Config
Amazon CloudWatch
Configuration & Assessment
AWS Config Rules
Amazon Inspector
AWS CloudFormation
Trusted Advisor
Third Party Tools
• Encryption & Key Mgmt
• Server & Endpoint Protection
• Application Security
• Vulnerability & Pen Testing
• Advanced Threat Analytics
• Identity and Access Mgmt
• Network Security
Don’t  take  my  word  for  it…..
“Based on our experience, I believe that we can be even more secure in the AWS Cloud than in our own data centers”
Tom Soderstrom
CTO, NASA JPL
Customer  Journey:
Healthdirect Australia
Healthdirect  Australia  – Our  Brands
Healthdirect  Australia  – Our  Evolution
Healthdirect  Australia  – The  Cloud
Much like the turtle in “Over The Hedge” I was the singular voice saying NO, don’t go over the hedge (in this case AWS)!
Healthdirect  Australia  – The  Cloud
• Healthdirect was an anchor tenant for AWS here in Australia.
• Our use was restricted to Non-Production environments whilst we housed our Production systems elsewhere.
Why  was  I  the  Turtle?
Certified  for  everything  but  what  I  needed
When  the  Turtle  Changed  his  Tune!
Certified for Australian Government Information Security Manual (ISM), signed off by Australian Signals Directorate (ASD).
• A total 1377 controls, 932 controls applicable to Healthdirect, AWS provide a base of 463 implemented controls UNCLASSIFIED
Compared to:
• PCI V3.1 with 400 controls
• FISMA with 861 controls
• ISO 27001:2013 with 114 controls
• FedRAMP Rev. 4 with 325 controls
Shared  Responsibility  and  We  Do!
Healthdirect Australia instantiated its own security wrapper as per the shared responsibility model:
• VMs built and hardened as per CIS Security Benchmarks
• All VMs have Host based firewalls/IDS-IPS/Virtual Patching/Malware Protection
• Front  door  is  protected  by  a  WAF  and  API  Manager
• All  VMs  are  scanned  for  vulnerabilities  nightly
• Admin  and  Privileged  access  tightly  managed  and  recorded
• We  have  our  own  CA  services
• All  solutions  are  independently  penetration  tested
• All  solutions  are  independently  audited  by  an  IRAP  Assessor
Healthdirect  Australia  in  AWS  
We are entirely in AWS with a farm of some 800 to 900 virtual machines – approximately 200 in PRODUCTION at any stage!
Healthdirect  Australia  in  AWS  
Advantages
• Masters  of  our  destiny  – ability  to  spin  up  and  takedown  as  required
• Able  to  increase  instance  sizes  as  required
• Price  points  for  instances
• No  data  center  and  associated  costs
• Storage  capability
• Elastic  compute  environment  grow  as  required
• Dual  availability  zones  for  “High  Availability”
• Able  to  take  advantage  of  new  services  as  they  complete  ISM  Certification
• Information  remains  On  Shore
• Instantiated  a  continuous  delivery  mode  of  operation
• Enabled  us  to  automate  deployments  and  builds
• Everything  is  a  software  based  API
Healthdirect  Australia  in  AWS  
3 Pieces of Advice… to leave you with!
• Understand your Corporate Legal and Regulatory Requirements
• Identify a Security Stack that will assist you in meeting these requirements
• Plan, Plan and Plan – have a devil’s advocate throw the worst case scenarios at you during your planning
Security  is  Job  Zero
YOU ARE BETTER OFF IN AWS THAN YOU ARE IN YOUR OWN ENVIRONMENT
“Nearly 60% of organizations agreed that CSPs (cloud service providers) provide better security than their own IT organizations.”
- Source: IDC 2013 U.S. Cloud Security Survey. Doc #242836, September 2013
Resources  /  Further  Reading
• AWS  Cloud  Security
https://aws.amazon.com/security/
• AWS  Security  Blog
http://blogs.aws.amazon.com/security/
• AWS  Answers
https://aws.amazon.com/answers/
• Case  Study  – Capital  One
https://aws.amazon.com/solutions/case-studies/capital-one/
• Whitepaper:  AWS  Security
http://d0.awsstatic.com/whitepapers/Security/AWS%20Security%20Whitepaper.pdf
• Whitepaper:  AWS  Risk  &  Compliance
https://d0.awsstatic.com/whitepapers/compliance/AWS_Risk_and_Compliance_Whitepaper.pdf
• CIS  (Centre  for  Internet  Security)  – Guidance  for  configuring  security  options  on  AWS
https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf
• Getting  Started  – Documentation
http://aws.amazon.com/documentation/gettingstarted/
AWS  Training  &  Certification
• Intro Videos & Labs: Free videos and labs to help you learn to work with 30+ AWS services – in minutes!
• Training Classes: In-person and online courses to build technical skills – taught by accredited AWS instructors
• Online Labs: Practice working with AWS services in live environment – Learn how related services work together
• AWS Certification: Validate technical skills and expertise – identify qualified IT talent or show you are AWS cloud ready
Learn  more:  aws.amazon.com/training
Your  Training  Next  Steps:
• Visit the AWS Training & Certification pod to discuss your training plan & AWS Summit training offer
• Register & attend AWS instructor led training
• Get Certified
AWS  Certified?  Visit  the  AWS  Summit  Certification  Lounge  to  pick  up  your  swag
Thank  you!

Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Plus de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Dernier

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Dernier (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Security and Compliance – Most Commonly Asked Questions - Technical 101

  • 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Matthew Jobson – Account Manager, AWS; Ben Chung – Head of Security Assurance, AWS; Brett Knuth – Security Manager, Healthdirect Australia. April 2016. Security & Compliance: Most Commonly Asked Questions, Technical 101
  • 2. Quote – Capital One: “The financial service industry attracts some of the worst cyber criminals. We worked closely with AWS to develop a security model that we believe enables us to operate more securely in the public cloud than we can in our own data centers.” Rob Alexander, CIO, Capital One
  • 3. Why is Security Your #1 Priority? Because it’s important, and it’s hard
  • 4. Security is Job Zero: Familiar Security Model; Validated and Certified by Independent Auditors; Benefits All Customers. Layers: PEOPLE & PROCESS, SYSTEM, NETWORK, PHYSICAL
  • 5. Rapid Pace of Innovation [bar chart; axis years 2009, 2011, 2013, 2015; data labels 48, 159, 722, 82]
  • 6. Our Virtuous Cycle: New Features, Customer Feedback, Scale, New Customers
  • 7. Where is My Data? You decide!
  • 8. Data Ownership
      • You choose where to place your data
      • AWS regions are geographically isolated by design
      • Data is not replicated to other AWS regions and doesn’t move unless you tell us to do so
      • You always own your data, the ability to encrypt it, move it and delete it
  • 9. Where Can I Place My Data? 12 Regions, 32 Availability Zones, 54 Edge Locations [map legend: Region, Edge Location]
  • 10. What is a Region? [diagram: AWS Region containing Availability Zone, Availability Zone, Availability Zone; map legend: Region, Edge Location]
  • 11. What is an Availability Zone? [diagram: Availability Zone containing Data Center, Data Center, Data Center, Data Center; Sample Region containing Availability Zone A, Availability Zone B, Availability Zone C; legend: ~ Data Center]
  • 12. Example AWS Data Center [diagram labels: Data Center, Availability Zone]
  • 13. What about Physical Security?
  • 14. How do we Manage the Disks?
  • 15. How do we Securely Dispose of Disks? [two images captioned “This” and “To This”]
  • 16. Does AWS look after Security for Me? Yes, and No! It’s a Shared Responsibility
  • 17. Shared Responsibility
      • Customers: Customer Content; Platform, Applications, Identity & Access Management; Operating System, Network, & Firewall Configuration; Client-side Data Encryption; Server-side Data Encryption; Network Traffic Protection. Customers have their choice of security configurations IN the Cloud
      • AWS is responsible for the security OF the Cloud: AWS Foundation Services (Compute, Storage, Database, Networking); AWS Global Infrastructure (Regions, Availability Zones, Edge Locations)
  • 18. You Control how you Manage your Own Risks
      • Customer Risk Appetite and Desired Control Environment: Business Risks, Sourcing Risks, Technology Risks, Security Risks, Compliance
      • Customer Provided and Managed Controls: Classification, Security Policy, Encryption, Governance, ITDaM, ITSM, Monitoring, Operations, Malware, Risk Management
      • AWS Provided, Customer Configured and Managed Controls: Virtual Private Cloud, Key Management, Logging, Other AWS features and services
      • AWS Managed and Audited Controls: SOC 1, SOC 2, PCI-DSS, NIST 800-53, ISO 27001
      • Diagram side labels: AWS, Customers
  • 19. Audits, Accreditations & Certifications
  • 20. How can AWS help me be Secure? …remember that Virtuous Cycle?
  • 22. Identity Management & Access Control: AWS IAM, MFA, AWS Security Token Service
  • 23. Key Management & Encryption: AWS KMS, AWS CloudHSM, ACM
  • 24. Monitoring, Logging & Auditing: AWS CloudTrail, AWS Config, Amazon CloudWatch
  • 25. Configuration & Assessment: AWS Config Rules, Amazon Inspector, AWS CloudFormation
  • 27. Third Party Tools: Encryption & Key Mgmt; Server & Endpoint Protection; Application Security; Vulnerability & Pen Testing; Advanced Threat Analytics; Identity and Access Mgmt; Network Security
  • 28. Don’t take my word for it… “Based on our experience, I believe that we can be even more secure in the AWS Cloud than in our own data centers” Tom Soderstrom, CTO, NASA JPL
  • 32. Healthdirect Australia – The Cloud: Much like the turtle in “Over The Hedge” I was the singular voice saying NO, don’t go over the hedge (in this case AWS)!
  • 33. Healthdirect Australia – The Cloud
      • Healthdirect was an anchor tenant for AWS here in Australia.
      • Our use was restricted to Non-Production environments whilst we housed our Production systems elsewhere.
  • 34. Why was I the Turtle? Certified for everything but what I needed
  • 35. When the Turtle Changed his Tune! Certified for Australian Government Information Security Manual (ISM)
  • 36. When the Turtle Changed his Tune! Certified for Australian Government Information Security Manual (ISM), signed off by Australian Signals Directorate (ASD).
      • A total of 1377 controls, 932 controls applicable to Healthdirect, AWS provide a base of 463 implemented controls UNCLASSIFIED
      Compared to:
      • PCI V3.1 with 400 controls
      • FISMA with 861 controls
      • ISO 27001:2013 with 114 controls
      • FedRAMP Rev. 4 with 325 controls
  • 38. Shared Responsibility and We Do! Healthdirect Australia instantiated its own security wrapper as per the shared responsibility model:
      • VMs built and hardened as per CIS Security Benchmarks
      • All VMs have Host based firewalls/IDS-IPS/Virtual Patching/Malware Protection
      • Front door is protected by a WAF and API Manager
      • All VMs are scanned for vulnerabilities nightly
      • Admin and Privileged access tightly managed and recorded
      • We have our own CA services
      • All solutions are independently penetration tested
      • All solutions are independently audited by an IRAP Assessor
  • 39. Healthdirect Australia in AWS: We are entirely in AWS with a farm of some 800 to 900 virtual machines – approximately 200 in PRODUCTION at any stage!
  • 40. Healthdirect Australia in AWS: Advantages
      • Masters of our destiny – ability to spin up and take down as required
      • Able to increase instance sizes as required
      • Price points for instances
      • No data center and associated costs
      • Storage capability
      • Elastic compute environment, grow as required
      • Dual availability zones for “High Availability”
      • Able to take advantage of new services as they complete ISM Certification
      • Information remains On Shore
      • Instantiated a continuous delivery mode of operation
      • Enabled us to automate deployments and builds
      • Everything is a software based API
  • 41. Healthdirect Australia in AWS: 3 Pieces of Advice… to leave you with!
      • Understand your Corporate Legal and Regulatory Requirements
      • Identify a Security Stack that will assist you in meeting these requirements
      • Plan, plan and plan – have a devil’s advocate throw the worst case scenarios at you during your planning
  • 42.
  • 43. Security is Job Zero: YOU ARE BETTER OFF IN AWS THAN YOU ARE IN YOUR OWN ENVIRONMENT. “Nearly 60% of organizations agreed that CSPs (cloud service providers) provide better security than their own IT organizations.” - Source: IDC 2013 U.S. Cloud Security Survey. Doc #242836, September 2013
  • 44. Resources / Further Reading
      • AWS Cloud Security: https://aws.amazon.com/security/
      • AWS Security Blog: http://blogs.aws.amazon.com/security/
      • AWS Answers: https://aws.amazon.com/answers/
      • Case Study – Capital One: https://aws.amazon.com/solutions/case-studies/capital-one/
      • Whitepaper: AWS Security: http://d0.awsstatic.com/whitepapers/Security/AWS%20Security%20Whitepaper.pdf
      • Whitepaper: AWS Risk & Compliance: https://d0.awsstatic.com/whitepapers/compliance/AWS_Risk_and_Compliance_Whitepaper.pdf
      • CIS (Centre for Internet Security) – Guidance for configuring security options on AWS: https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf
      • Getting Started – Documentation: http://aws.amazon.com/documentation/gettingstarted/
  • 45. AWS Training & Certification
      • Intro Videos & Labs: Free videos and labs to help you learn to work with 30+ AWS services – in minutes!
      • Training Classes: In-person and online courses to build technical skills – taught by accredited AWS instructors
      • Online Labs: Practice working with AWS services in live environment – Learn how related services work together
      • AWS Certification: Validate technical skills and expertise – identify qualified IT talent or show you are AWS cloud ready
      Learn more: aws.amazon.com/training
  • 46. Your Training Next Steps:
      ✓ Visit the AWS Training & Certification pod to discuss your training plan & AWS Summit training offer
      ✓ Register & attend AWS instructor led training
      ✓ Get Certified
      AWS Certified? Visit the AWS Summit Certification Lounge to pick up your swag
      Learn more: aws.amazon.com/training