Your SlideShare is downloading. ×
How Public Sector Entities are Advancing Their Security and Governance Capabilities with AWS - AWS Washington D.C. 2014
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

How Public Sector Entities are Advancing Their Security and Governance Capabilities with AWS - AWS Washington D.C. 2014

541
views

Published on

The session will cover how the public sector is advancing their security and governance capabilities with AWS.

The session will cover how the public sector is advancing their security and governance capabilities with AWS.

Published in: Technology, Business

0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
541
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
35
Comments
0
Likes
2
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • establish a high level of control over your cloud environment, with
    all the security investment AWS offers with the platform itself, and
    2) with the security services, features and tools provided by AWS.

    This allows you to create a secure container that has security built in; security and control that will scale with your use and growth of the AWS cloud.
  • AWS Trusted Advisor tool.

    from AWS’s aggregated operational history of serving hundreds of thousands of AWS customers
    Draws on metrics - opportunities to save money, improve system performance, or close security gaps.
    Expanding - identified over 100 possible checks

    Trusted Advisor is available to customers with Business and Enterprise-level support.
  • Advising customers to be more efficient and to spend LESS

    This tool is available now, and if you have Business or Enterprise level support I recommend starting with that to get an idea of how your AWS environment is operating.

    Sessions will discuss this tool in more depth
     
  • Think back at Forrester quote

    “…We’ll also see organizations adopt cloud services for the improved security protections and compliance controls that they otherwise could not provide as efficiently or effectively themselves.”

    Advanced security in the cloud is here; customers are creating a scalable and controlled IT environment in AWS.

    The AWS platform is a highly secure platform. We can prove it, and more importantly YOU can prove it.

    AWS innovative features enable centralized security control. Control that is visible, testable, and automated. That scale.

    You now have great resources to understand; tools to be more secure and compliant than traditional IT

    Some recommended links to bring home with you…
  • Transcript

    • 1. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 How Public Sector is Advancing Their Security and Governance Capabilities with AWS Chad Woolf Director, AWS Risk and Compliance cwoolf@amazon.com
    • 2. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Better Security in the Cloud “…We’ll also see organizations adopt cloud services for the improved security protections and compliance controls that they otherwise could not provide as efficiently or effectively themselves.” - Security’s Cloud Revolution Is Upon Us, Forrester Research, Inc., August 2, 2013
    • 3. Better Security in AWS Cross-service Controls Service-specific Controls Managed by AWS Managed by Customer Security of the Cloud Security in the Cloud Cloud Service Provider Controls Optimized Network/OS/App Controls Request reports at: aws.amazon.com/compliance/#contact
    • 4. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Governance, Security, Compliance Enablers Governance in AWS AWS Security Best Practices AWS Auditing Security Checklist AWS Risk and Compliance AWS Trusted Advisor
    • 5. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 FedRAMP Package • Standard package: SSP, SAR • Most usable doc: SSP Template Helps you figure out this ->
    • 6. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Security at Scale: Governance in AWS 1. Financial Control 2. IT Asset Identification 3. Asset Configuration and Management 4. Logical Access Control 5. Physical Access Control 6. Data Encryption 7. Network Configuration and Management 8. Security Logging and Monitoring 9. Security Incident Response 10. Disaster Recovery Get this whitepaper at: aws.amazon.com/compliance/
    • 7. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Examples Governance Domain On-prem Challenge AWS Enabler Control Provided 8. Security Logging and Monitoring Centralized logging of user actions taken against a set of IT resources AWS CloudTrail Provides logging of API or console actions (e.g., logs when someone changes a bucket policy, stops and instance, etc.) Advanced monitoring capabilities of actions taken and changes made 10. Disaster Recovery Producing point in time, usable incremental backups EBS Snapshots Point-in-time full volume copies of EBS data into persistent storage of S3 Anytime incremental point-in-time backup of server data
    • 8. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014
    • 9. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Examples Governance Domain On-prem Challenge AWS Enabler Control Provided 8. Security Logging and Monitoring Centralized logging of user actions taken against a set of IT resources AWS CloudTrail Provides logging of API or console actions (e.g., logs when someone changes a bucket policy, stops and instance, etc.) Advanced monitoring capabilities of actions taken and changes made 10. Disaster Recovery Producing point in time, usable incremental backups EBS Snapshots Point-in-time full volume copies of EBS data into persistent storage of S3 Anytime incremental point-in-time backup of server data
    • 10. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014
    • 11. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Security at Scale: Governance in AWS 1. Financial Control 2. IT Asset Identification 3. Asset Configuration and Management 4. Logical Access Control 5. Physical Access Control 6. Data Encryption 7. Network Configuration and Management 8. Security Logging and Monitoring 9. Security Incident Response 10. Disaster Recovery Get this whitepaper at: aws.amazon.com/compliance/
    • 12. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Scaling Security
    • 13. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Innovative Governance Tool: AWS Trusted Advisor • Online service from AWS Support – Analyzes account for various kinds of issues and possible concerns – Soon available as an API for integration with your tools or 3rd party solutions • Four categories: – Cost savings – Security – Fault tolerance – Performance
    • 14. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Since 1/1/2013: • 10,000+ customers • 700,000+ recommendations reviewed • $140M+ in annualized savings Learn more about Trusted Advisor at: https://aws.amazon.com/premiumsupport/trustedadvisor/ Innovative Governance Tool: AWS Trusted Advisor
    • 15. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS: centralized security controls - visible, testable, automated
    • 16. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Resource Links AWS Compliance site - provides AWS Compliance Forum links, descriptions of audit reports available, contact links, and relevant whitepapers http://aws.amazon.com/co mpliance/ AWS Security Center – provides links to a detailed whitepaper on how we manage security at AWS and provides links to contact AWS Security http://aws.amazon.com/se curity/ AWS Security Blog – posts contain security best practices for AWS services, how-to guides, compliance milestones, and customer and partner stories http://blogs.aws.amazon.c om/security/ Trusted Advisor - information on the tool, the nature of the checks, and how to access it https://aws.amazon.com/p remiumsupport/trustedad visor/ Case studies – features of a wide range of companies doing amazing things on AWS http://aws.amazon.com/so lutions/case-studies/all/
    • 17. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Questions?
    • 18. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Thank You Chad Woolf cwoolf@amazon.com