AWS Webcast - AWS Compliance Forum Introduction Oct 2013

4,795 views
4,608 views

Published on

Amazon Web Services (AWS) has developed a customer compliance forum to facilitate in-depth compliance discussions between you and with AWS Compliance. The webinar focuses on the AWS shared responsibility security model and how your organization can achieve security and compliance within your use of AWS services. This initial AWS Compliance Forum webinar will provide an overview of AWS compliance programs, use cases, and the various compliance verticals AWS can support both through current certification and attestations (i.e., PCI, SOC, FedRAMP, and ISO) as well as areas AWS can illustrate use cases for workloads related to Life Sciences, Financial Services, and state/federal government compliance requirements. From there we will discuss the goals of the AWS Compliance Forum and plans for future webinars and small-group compliance discussions.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
4,795
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
13
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

AWS Webcast - AWS Compliance Forum Introduction Oct 2013

  1. 1. AWS Compliance Forum Introduction October 31, 2013 © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  2. 2. Session Agenda (Very) brief overview: Compliance of AWS AWS Compliance Forum detail: Compliance in AWS – Who, What, When, Where, Why, and How What’s Next for your AWS Compliance Forum Additional Q&A © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  3. 3. Compliance of AWS Start with our AWS Compliance whitepapers AWS Compliance Programs Want to learn more about AWS compliance? – AWS Compliance Website: Programs and Whitepapers: https://aws.amazon.com/compliance – Ask a question and/or request a certification or report by reaching out to awscompliance@amazon.com © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  4. 4. Now for the main event AWS COMPLIANCE FORUM © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  5. 5. Want to connect with other AWS customers? 100% 90% 80% 70% 60% AWS Compliance Forum THE WHO 50% 98% Yes! 40% 30% 20% 10% 0% © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved. 2% No thanks
  6. 6. Customers like you Customers in roles like yours Chief Operations Officer © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  7. 7. Customers like you Customers in roles like yours Customers in industries like yours Aerospace & Defense Insurance Agriculture and Mining Manufacturing Banking Media and Publishing Consumer Goods Non-Profits Education Pharmaceuticals & Biotech Energy & Utilities Retail Finance Technology Government Telecommunications Healthcare & Medical Transportation and Logistics © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  8. 8. Customers like you Customers in roles like yours Customers in industries like yours Customers adhering to standards/regulations like yours Internal policies and security standards PCI DSS v2.0 ISO 27001:2005 HIPAA SOX; Requires a SOC report International privacy or breach disclosure laws FISMA State privacy or breach disclosure laws FedRAMP Other ISO 9001:2008 ITAR GLBA DIACAP ISO 14001:2004 CJIS Security Policy FERPA NERC-CIP 56% 51% 42% 42% 34% 33% 32% 31% 29% 17% 15% 14% 11% 11% 6% 6% 5% 3% 0% © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved. 20% 40% 60%
  9. 9. POLLING QUESTION #1 PLACEHOLDER I am most interested in connecting with customers who are: • In roles like mine • In my industry • Adhere to similar standards/regulations © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  10. 10. Want to connect with AWS specialists? 100% 90% 80% 70% 60% AWS Compliance Forum THE WHO (PART 2) 50% 97% Yes! 40% 30% 20% 10% 0% © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved. 3% No thanks
  11. 11. AWS resources AWS Architecture Center AWS Documentation That’s nice, but how about some two-way interaction… – AWS Compliance Architects – AWS Security Solutions Architects – AWS Professionals Services © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  12. 12. POLLING QUESTION #2 PLACEHOLDER Which AWS specialists is most useful to you right now? • AWS Compliance Architects • AWS Security Solutions Architects • AWS Professional Services Consultants © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  13. 13. AWS Specialists wanting to help you Chris Whalley AWS Compliance Architect Max Ramsay AWS Principal Security Solutions Architect Chris Gile AWS Compliance Architect © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved. Tom Sheehan AWS Senior Consultant
  14. 14. Questions about customers or AWS specialists in the AWS Compliance Forum? © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  15. 15. Do you want support in interpreting and implementing control requirements in the cloud? 99% Yes! AWS Compliance Forum THE WHAT… AND THE WHY… AND THE HOW © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved. 1% No thanks
  16. 16. AWS Compliance Forum mission To enable you to easily and effectively interpret and implement control requirements in the cloud by connecting you with fellow AWS customers, AWS compliance specialists, and specialized content Are you comfortable interpreting and implementing control requirements in the cloud? 100% 100% 90% 80% 23% No…Help! 90% 80% 70% 70% 60% 60% 50% 40% 66% Not really 100% Yes!! 50% 40% 30% 30% 20% 20% 10% 0% 11% yes, but… Current State 10% 0% Future State © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  17. 17. Getting to ‘future state’: Your content Industry- and regulation-specific workbooks – FFIEC, HIPAA, PCI, etc. Changes to standards (and interpretation guidance) – PCI DSS v3.0, ISO 27001:2013, etc. Compliance whitepapers – Governance features, logging features, etc. Compliance case studies – Customers sharing their experiences, lessons learned and reference architectures (HIPAA, PCI, etc.) © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  18. 18. Customized depth of content Summary-level An overview of security and compliance considerations for your industry ‘Anonymized’ stories about others’ successes and challenges with compliance A mapping to your existing compliance programs and associated controls A discussion around how to architect to adhere to standards or regulations A discussion around your control implementation concerns © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved. Detailed-level
  19. 19. POLLING QUESTION #3 PLACEHOLDER Think of the standard/policy for which compliance is top-ofmind to you right now. What would be most helpful to you? • An overview of security & compliance considerations • ‘Anonymized’ stories about others’ successes/challenges • A mapping to your existing compliance programs/controls • A discussion around how to architect to adhere • A discussion around your implementation concerns © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  20. 20. Your content medium Compliance whitepapers and case studies Webinars Industry-focused discussion groups Standard-focused discussion groups (i.e. PCI DSS) Live presentations with AWS Compliance © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  21. 21. POLLING QUESTION #4 PLACEHOLDER Which of the following are you most interested in? • Compliance whitepapers and case studies • Webinars • Industry-focused discussion groups • Standard-focused discussion groups (i.e. PCI DSS) • Live presentations with AWS Compliance © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  22. 22. Questions on ‘the what, why and how’? © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  23. 23. AWS Compliance Forum THE WHEN AND WHERE © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  24. 24. Planned cadence Monthly: Industry- or standard-specific discussion group Quarterly: General-interest webinar Semi-annually: AWS Compliance Forum newsletter Annually: AWS Compliance Forum meet n’ greet Ad-hoc: Public appearances, case-study publication, etc. © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  25. 25. Questions on ‘the where and when’? © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  26. 26. AWS Compliance Forum WHAT’S NEXT? © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  27. 27. What about between now and then? Socialize this webinar with key people in your org Check out the AWS Security blog – Tags by: Compliance, Best practices, etc. Attend re:Invent sessions focused on compliance (or watch the recordings on YouTube in late Nov) – SEC101: AWS Security – Keynote Address – SEC203: Security Assurance and Governance in AWS – SEC204: Building Secure Applications and Navigating FedRAMP in the AWS GovCloud (US) Region – SEC206: Taking the Fear Out of PCI Compliance in the Cloud – SEC306: Implementing Bullet-Proof HIPAA Solutions on AWS © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  28. 28. AWS Compliance Forum ADDITIONAL QUESTIONS? © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.
  29. 29. Copyright © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved. This work may not be reproduced or redistributed, in whole or in part, without prior written permission from Amazon Web Services, Inc. Commercial copying, lending, or selling is prohibited. Questions? Email us at awscompliance@amazon.com. © 2013 Amazon Web Services, Inc. and its affiliates. All rights reserved.

×