AWS FSI Symposium 2017 NYC - Shared Responsibility & AWS Compliance
© 2017 | Amazon Web Services, Inc. or its Affiliates. All rights reserved.
John McDonald, Global Financial Services Security & Compliance Architect for AWS
June 22, 2017
The Shared Responsibility Model and AWS Compliance
Compliance with Confidence
AWS Global Infrastructure
16 Regions – 42 Availability Zones – 68 Edge Locations
Region & number of Availability Zones:
• AWS GovCloud (2)
• US West: Oregon (3), Northern California (3)
• US East: N. Virginia (5), Ohio (3)
• Canada: Central (2)
• South America: São Paulo (3)
• EU: Ireland (3), Frankfurt (2), London (2)
• Asia Pacific: Singapore (2), Sydney (2), Tokyo (3), Seoul (2), Mumbai (2)
• China: Beijing (2)
New regions coming soon: Paris, Ningxia, Stockholm
AWS Shared Responsibility Model – Overview
Customer: responsibility for security “in” the cloud
• Customer data
• AWS platform, applications, identity & access management
• Operating system, network & firewall configuration
• Client-side data encryption & data integrity authentication
• Server-side encryption (file system and/or data)
• Networking traffic protection (encryption / integrity / identity)
AWS: responsibility for security “of” the cloud
• Foundation services: compute, storage, database, networking
• AWS global infrastructure: regions, availability zones, edge locations
Security “Of” The Cloud
AWS Compliance Program
Our Programmatic Approach
We help customers rapidly develop effective compliance programs
• Customer-focused: We have designed our compliance processes to be as user-friendly as possible and ensure our own controls meet the highest bar
• Comprehensive: We provide a broad toolkit to support governance, risk, and controls that harnesses automation to meet audit demands
• Configurable: We work with you to develop a compliance program that can adapt to changing regulations and operations
• Complementary: We view regulatory compliance as an obligation we collectively address and not a revenue opportunity
Core Compliance Principles at Work
We work behind the scenes to facilitate and de-complex compliance
What we provide and how customers benefit:
• Compliance dashboards & monitoring
• FinServ-specific contracts
• Global regulatory engagement
• Rigorous auditing of AWS services
• Transparency into AWS controls
• Certifications and audit reports
• Catalogue of AWS services
• Centralized control over services
Our Compliance Framework
Support ranging from low-touch to strategic guidance
Framework pillars:
• Terms & Conditions
• Transparency
• Compliance/Security Tools & Services
• Security & Continuity Support
• Industry Expertise
• Shaping the Regulatory Landscape
What the framework delivers:
• Guidance and programs to help our customers quickly set up sustainable compliance programs
• Tools and support to help our customers manage audit demands
• Mechanisms to advocate for, and share best practices with, our customers
Terms & Conditions
Contractual terms that meet the needs of financial services institutions
Our approach is designed to make contracting as straightforward as possible:
• Cloud services terms for outsourcing and third-party management
• Terms to address global and regional compliance objectives
• No contract lock-in
Contractual resources:
• Regulatory audit rights
• AWS audit commitments
• EU Model Clauses
• Data protection agreements
• Customer compliance briefings
• Resources to help customers with documentation
Transparency
Use AWS Artifact for easy access to compliance documentation
AWS Artifact provides:
• Documentation of controls relevant to specific AWS services
• Information regarding AWS policies, processes, and controls
• Validation that AWS controls are operating effectively
Global Certifications and Attestations
What is it? A globally available, no-cost portal that provides on-demand access to AWS’ most recent external security and compliance certifications.
How does it work? Customers can review reports, align AWS controls to their own control frameworks, and use the reports to verify that AWS controls are operating effectively.
Customer Compliance Briefings
To provide additional insight into our controls, we also conduct deep dive sessions directly with customers.
Security & Continuity Support
Reduce infrastructure risk and increase confidence in your applications
Security & governance offerings:
• Architecture Review increases reliability of existing and new applications
• AWS Trusted Advisor provides security and fault tolerance recommendations
• Technical Account Manager enables enterprise-grade response times
• Operations Support provides root-cause analysis and reporting
• Infrastructure Event Management provides real-time support for migrations and planned events
Foundational objectives:
• Increased availability
• Enhanced data protection
• Rigorous access and identity management
Deep Industry Expertise
AWS Global Financial Services: our Financial Services team provides access to a range of resources
• Best Practices: Enablers to help customers address regulatory frameworks and maintain a compliance-ready environment.
• Training & Certification: Industry-tailored technical and compliance training to accelerate cloud adoption.
• Professional Services: Specialists with industry and technology experience that customers engage to define and implement a roadmap to compliance.
• AWS Partner Competency: Global program comprising financial services technology and consulting companies that can help customers comply with different financial services industry regulations.
• Market Segment Expertise: Resources include former regulators and compliance officers, security experts, and technology specialists with industry experience.
• Conferences & Affiliations: Relationships with leading industry security and compliance groups like FS-ISAC.
Regulatory Engagement
We engage with regulators, both to guide and to communicate policy
Three engagement themes: ongoing engagement with regulators; assess and communicate policy; influence policy and enforcement
Activities:
• Educate regulators to help examiners audit AWS environments
• Country-by-country impact assessments to map how financial institutions need to operate
• Region- and country-specific compliance guides to document key policy changes and responses
• Regulatory policy evaluations to assess the potential impact of regulations
• Facilitate dialogue between the industry and its regulators
• Shape the regulatory landscape to reflect changes in technology
• Provide customers with the space and feedback channels they need to innovate
Security “In” The Cloud
AWS Security Essentials
Evolving the Practice of Security Architecture
Security architecture can now be part of the “maker” team
Evolved security architecture practice:
• Architecture artifacts (design choices, narrative, etc.) committed to common repositories
• Complete solutions account for automation
• Solution architectures are living audit/compliance artifacts and evidence in a closed loop
Tooling shown: AWS CodeCommit, AWS CodePipeline, Jenkins
AWS Cloud Adoption Framework
AWS has a prescriptive approach to adoption of cloud services
The AWS Cloud Adoption Framework (AWS CAF) organizes guidance into six areas of focus, which span your entire organization.
• We describe each of these areas of focus as Perspectives.
• Perspectives each encompass distinct responsibilities owned by functionally related stakeholders.
Three Perspectives address Business Stakeholders: Business, People, Governance
Three Perspectives address Technology Stakeholders: Platform, Security, Operations
Governance in the Cloud
Customer risk appetite and desired control environment
• Customers decide on the appropriate controls and processes to manage and monitor the effectiveness of their customized controls.
• Based on the Customers’ controls, companies can identify and document controls operated by AWS.
Compliance / Security Tools & Services
Automating administrative tasks to support comprehensive governance
• AWS Key Management Service (KMS): Managed service to create and control encryption keys
• AWS Identity & Access Mgmt. (IAM): Securely control access to AWS services and resources for your users
• Amazon Inspector: Automated application security assessment service
• AWS Service Catalog & CloudFormation: AWS tools to manage approved services and golden environments across all accounts, Lines of Business, and user bases
• AWS Cloud Hardware Security Module (HSM): Hardware-based key storage for regulatory compliance
• AWS Direct Connect: Dedicated network connection between your network and one of the AWS Direct Connect locations
• AWS EC2 Systems Manager: Fleet management for vulnerability scanning and patching
• AWS Shield: Managed Distributed Denial of Service (DDoS) protection service that safeguards web applications running on AWS
• Amazon Virtual Private Cloud (VPC): Logically isolated section of the AWS cloud where you launch AWS resources in a virtual network that you define
• AWS Organizations: Policy-based management for multiple AWS accounts
• AWS WAF: Tool designed to filter malicious web traffic
• AWS Config & Config Rules: AWS resource inventory, configuration history, and configuration change notifications & preventive rules
Security by Design Automates Security Operations
Automate deployments, provisioning, and configurations
• AWS CloudFormation: template → stack → instances, apps, resources (design, package, deploy)
• AWS Service Catalog: products and portfolios (constrain)
• Identity & Access Management: set permissions
Three Lines of Defense using AWS Services
1: Operations, 2: Supervisory, 3: Audit
Services shown across the three lines: AWS CloudTrail, Amazon CloudWatch, Amazon Inspector, Amazon SNS, AWS Config and Config Rules, AWS Artifact, AWS KMS, AWS IAM, Amazon VPC, AWS Shield, AWS WAF, AWS CloudFormation, AWS Service Catalog, AWS Organizations, AWS Trusted Advisor
Financial Services Competency Partners
Specialized firms who have experience in migrating FSI to the cloud
• Systems Integrators & Consultants
• Financial Services Providers
AWS Marketplace Security Partnerships
A comprehensive set of offerings across multiple areas of concern:
• Infrastructure Security
• Logging & Monitoring
• Identity & Access Control
• Configuration & Vulnerability Mgmt
• Data Protection
Getting Started
Where to learn more about AWS’ security & compliance resources
• Contact our Financial Services Security & Compliance Leaders
• View client testimonials at our Security & Compliance for Financial Services homepage: https://aws.amazon.com/financial-services/security-compliance/
• Consult the AWS Security & Compliance Quick Reference Guide: https://d0.awsstatic.com/whitepapers/compliance/AWS_Compliance_Quick_Reference.pdf
• Explore the AWS Artifact portal: https://aws.amazon.com/artifact/
• View our webinar on automating compliance in the cloud: https://aws.amazon.com/financial-services/security-compliance/
• Learn more about our security & compliance accelerators: https://aws.amazon.com/quickstart/
Email: awscompliance@amazon.com
Thank you
John McDonald, Global Financial Services Security & Compliance Architect for AWS
johnemcd@amazon.com

More Related Content

What's hot

What's hot (20)

Cloud Migration for Financial Services - Toronto - October 2016
Cloud Migration for Financial Services - Toronto - October 2016Cloud Migration for Financial Services - Toronto - October 2016
Cloud Migration for Financial Services - Toronto - October 2016
 
AWS Initiate Berlin - Das Zeitalter von Big Data - So nutzen Sie Daten zum En...
AWS Initiate Berlin - Das Zeitalter von Big Data - So nutzen Sie Daten zum En...AWS Initiate Berlin - Das Zeitalter von Big Data - So nutzen Sie Daten zum En...
AWS Initiate Berlin - Das Zeitalter von Big Data - So nutzen Sie Daten zum En...
 
Enabling Compliance with the GDPR on AWS
Enabling Compliance with the GDPR on AWSEnabling Compliance with the GDPR on AWS
Enabling Compliance with the GDPR on AWS
 
Your Business at the Speed of Cloud. Innovate with Cloud-Native App Delivery,...
Your Business at the Speed of Cloud. Innovate with Cloud-Native App Delivery,...Your Business at the Speed of Cloud. Innovate with Cloud-Native App Delivery,...
Your Business at the Speed of Cloud. Innovate with Cloud-Native App Delivery,...
 
Interconnect with Ecosystems and Things- AWS Summit SG 2017
Interconnect with Ecosystems and Things- AWS Summit SG 2017Interconnect with Ecosystems and Things- AWS Summit SG 2017
Interconnect with Ecosystems and Things- AWS Summit SG 2017
 
Migrate & Modernize your legacy Microsoft applications with AWS
Migrate & Modernize your legacy Microsoft applications with AWSMigrate & Modernize your legacy Microsoft applications with AWS
Migrate & Modernize your legacy Microsoft applications with AWS
 
How Can I Build a Landing Zone & Extend my Operations into AWS to Support my ...
How Can I Build a Landing Zone & Extend my Operations into AWS to Support my ...How Can I Build a Landing Zone & Extend my Operations into AWS to Support my ...
How Can I Build a Landing Zone & Extend my Operations into AWS to Support my ...
 
Accelerating your Business with Security
Accelerating your Business with SecurityAccelerating your Business with Security
Accelerating your Business with Security
 
Architecting for the New Age Enterprise - AWS Summit SG 2017
Architecting for the New Age Enterprise - AWS Summit SG 2017Architecting for the New Age Enterprise - AWS Summit SG 2017
Architecting for the New Age Enterprise - AWS Summit SG 2017
 
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
Architecting Application Services For Hybrid Cloud - AWS Summit SG 2017
 
IoT at the Edge_Greengrass and More_ Craig Lawton_AWS
IoT at the Edge_Greengrass and More_ Craig Lawton_AWSIoT at the Edge_Greengrass and More_ Craig Lawton_AWS
IoT at the Edge_Greengrass and More_ Craig Lawton_AWS
 
AWSome Day Iceland - Technical Track
AWSome Day Iceland - Technical TrackAWSome Day Iceland - Technical Track
AWSome Day Iceland - Technical Track
 
Amazon on Amazon: How Amazon Designs Chips on AWS (MFG305) - AWS re:Invent 2018
Amazon on Amazon: How Amazon Designs Chips on AWS (MFG305) - AWS re:Invent 2018Amazon on Amazon: How Amazon Designs Chips on AWS (MFG305) - AWS re:Invent 2018
Amazon on Amazon: How Amazon Designs Chips on AWS (MFG305) - AWS re:Invent 2018
 
Automating Event Driven Security in the AWS Cloud - AWS Summit SG 2017pdf
Automating Event Driven Security in the AWS Cloud - AWS Summit SG 2017pdfAutomating Event Driven Security in the AWS Cloud - AWS Summit SG 2017pdf
Automating Event Driven Security in the AWS Cloud - AWS Summit SG 2017pdf
 
Building an Investment Case for Mass Migrations to AWS - AWS Summit SG 2017
Building an Investment Case for Mass Migrations to AWS - AWS Summit SG 2017Building an Investment Case for Mass Migrations to AWS - AWS Summit SG 2017
Building an Investment Case for Mass Migrations to AWS - AWS Summit SG 2017
 
Cost Optimization on AWS
Cost Optimization on AWSCost Optimization on AWS
Cost Optimization on AWS
 
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2016
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2016Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2016
Get Started Today with Cloud-Ready Contracts | AWS Public Sector Summit 2016
 
AWS Initiate Berlin - Cloud Economics - Berechnung der tatsächlichen Kostene...
AWS Initiate Berlin - Cloud Economics - Berechnung der tatsächlichen Kostene...AWS Initiate Berlin - Cloud Economics - Berechnung der tatsächlichen Kostene...
AWS Initiate Berlin - Cloud Economics - Berechnung der tatsächlichen Kostene...
 
AWS Initiate Berlin - Plenary Session - Digitale Transformation im öffentlich...
AWS Initiate Berlin - Plenary Session - Digitale Transformation im öffentlich...AWS Initiate Berlin - Plenary Session - Digitale Transformation im öffentlich...
AWS Initiate Berlin - Plenary Session - Digitale Transformation im öffentlich...
 
Achieving Agility with Control in Financial Services
Achieving Agility with Control in Financial ServicesAchieving Agility with Control in Financial Services
Achieving Agility with Control in Financial Services
 

Similar to AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS Compliance

Similar to AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS Compliance (20)

Achieving Continuous Compliance with CTP and AWS
Achieving Continuous Compliance with CTP and AWS Achieving Continuous Compliance with CTP and AWS
Achieving Continuous Compliance with CTP and AWS
 
GPSMKT201-Expanding Channel Opportunities Using AWS Marketplace as a Fulfillm...
GPSMKT201-Expanding Channel Opportunities Using AWS Marketplace as a Fulfillm...GPSMKT201-Expanding Channel Opportunities Using AWS Marketplace as a Fulfillm...
GPSMKT201-Expanding Channel Opportunities Using AWS Marketplace as a Fulfillm...
 
GPSBUS214-Key Considerations for Cloud Procurement in the Public Sector
GPSBUS214-Key Considerations for Cloud Procurement in the Public SectorGPSBUS214-Key Considerations for Cloud Procurement in the Public Sector
GPSBUS214-Key Considerations for Cloud Procurement in the Public Sector
 
AWS - Security & Compliance
AWS - Security & ComplianceAWS - Security & Compliance
AWS - Security & Compliance
 
Modernizing Technology Governance
Modernizing Technology GovernanceModernizing Technology Governance
Modernizing Technology Governance
 
How to Achieve PCI DSS Compliance on AWS
 How to Achieve PCI DSS Compliance on AWS How to Achieve PCI DSS Compliance on AWS
How to Achieve PCI DSS Compliance on AWS
 
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS clouduAWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
 
AWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & ComplianceAWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & Compliance
 
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
 
How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic
 How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic
How Rent-A-Center Stays Secure and Compliant on AWS with Alert Logic
 
Managing Security on AWS
Managing Security on AWSManaging Security on AWS
Managing Security on AWS
 
Migrate, Modernize, and Manage: Best Practices for a Cloud Migration
Migrate, Modernize, and Manage: Best Practices for a Cloud MigrationMigrate, Modernize, and Manage: Best Practices for a Cloud Migration
Migrate, Modernize, and Manage: Best Practices for a Cloud Migration
 
Build a Profitable and Customer-Centric Next-Gen MSP Practice (GPSBUS205) - A...
Build a Profitable and Customer-Centric Next-Gen MSP Practice (GPSBUS205) - A...Build a Profitable and Customer-Centric Next-Gen MSP Practice (GPSBUS205) - A...
Build a Profitable and Customer-Centric Next-Gen MSP Practice (GPSBUS205) - A...
 
ENT315_Landing Zones
ENT315_Landing ZonesENT315_Landing Zones
ENT315_Landing Zones
 
Executive Security Simulation Workshop (WPS206) - AWS re:Invent 2018
Executive Security Simulation Workshop (WPS206) - AWS re:Invent 2018Executive Security Simulation Workshop (WPS206) - AWS re:Invent 2018
Executive Security Simulation Workshop (WPS206) - AWS re:Invent 2018
 
Automating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAutomating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar Series
 
AWS Cloud Security Fundamentals
AWS Cloud Security FundamentalsAWS Cloud Security Fundamentals
AWS Cloud Security Fundamentals
 
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018
 
Introduction: Security & AWS Storage
Introduction: Security & AWS StorageIntroduction: Security & AWS Storage
Introduction: Security & AWS Storage
 
Top 10 AWS Security and Compliance best practices
Top 10 AWS Security and Compliance best practicesTop 10 AWS Security and Compliance best practices
Top 10 AWS Security and Compliance best practices
 

More from Amazon Web Services

Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
Amazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
Amazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
Amazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
Amazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 

Recently uploaded (20)

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 

AWS FSI Symposium 2017 NYC - Shared Responsibility & AWS Compliance

  • 1. The Shared Responsibility Model and AWS Compliance: Compliance with Confidence
  John McDonald, Global Financial Services Security & Compliance Architect for AWS
  June 22, 2017
  © 2017 | Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 2. AWS Global Infrastructure
  16 Regions – 42 Availability Zones – 68 Edge Locations
  Region and number of Availability Zones:
  US East: N. Virginia (5), Ohio (3)
  US West: Oregon (3), Northern California (3)
  AWS GovCloud (2)
  Canada: Central (2)
  South America: São Paulo (3)
  EU: Ireland (3), Frankfurt (2), London (2)
  Asia Pacific: Singapore (2), Sydney (2), Tokyo (3), Seoul (2), Mumbai (2)
  China: Beijing (2)
  New regions coming soon: Paris, Ningxia, Stockholm
  • 3. AWS Shared Responsibility Model – Overview
  Customer: responsibility for security “in” the cloud
    Customer data
    Platform, applications, identity & access management
    Operating system, network & firewall configuration
    Client-side data encryption & data integrity authentication | Server-side encryption (file system and/or data) | Networking traffic protection (encryption / integrity / identity)
  AWS: responsibility for security “of” the cloud
    Compute, storage, database, networking
    AWS global infrastructure: regions, availability zones, edge locations
  • 4. Security “Of” The Cloud: AWS Compliance Program
  • 5. Our Programmatic Approach
  We help customers rapidly develop effective compliance programs.
  Customer-focused: We have designed our compliance processes to be as user-friendly as possible and ensure our own controls meet the highest bar.
  Comprehensive: We provide a broad toolkit to support governance, risk, and controls that harnesses automation to meet audit demands.
  Configurable: We work with you to develop a compliance program that can adapt to changing regulations and operations.
  Complementary: We view regulatory compliance as an obligation we collectively address and not a revenue opportunity.
  • 6. Core Compliance Principles at Work
  We work behind the scenes to facilitate and simplify compliance.
  What we provide: rigorous auditing of AWS services; transparency into AWS controls; global regulatory engagement; FinServ-specific contracts.
  How customers benefit: certifications and audit reports; catalogue of AWS services; compliance dashboards & monitoring; centralized control over services.
  • 7. Our Compliance Framework
  Elements: Terms & Conditions; Transparency; Compliance/Security Tools & Services; Security & Continuity Support; Industry Expertise; Shaping the Regulatory Landscape.
  Guidance and programs to help our customers quickly set up sustainable compliance programs.
  Tools and support to help our customers manage audit demands.
  Mechanisms to advocate for, and share best practices with, our customers.
  Support ranging from low-touch to strategic guidance.
  • 8. Terms & Conditions
  Contractual terms that meet the needs of financial services institutions. Our approach is designed to make contracting as straightforward as possible:
    • Cloud services terms for outsourcing and third-party management
    • Terms to address global and regional compliance objectives
    • No contract lock-in
  Resources to help customers with documentation: Regulatory Audit Rights; AWS Audit Commitments; EU Model Clauses; Data Protection Agreements; Customer Compliance Briefings.
  • 9. Transparency
  Use AWS Artifact for easy access to compliance documentation.
  What is it? A globally available, no-cost portal that provides on-demand access to AWS’ most recent external security and compliance certifications.
  How does it work? Customers can review reports, align AWS controls to their own control frameworks, and use the reports to verify that AWS controls are operating effectively.
  Global certifications and attestations provide: documentation of controls relevant to specific AWS services; information regarding AWS policies, processes, and controls; validation that AWS controls are operating effectively.
  Customer Compliance Briefings: to provide additional insight into our controls, we also conduct deep-dive sessions directly with customers.
  • 10. Security & Continuity Support
  Reduce infrastructure risk and increase confidence in your applications.
  Security & Governance Architecture Review increases reliability of existing and new applications.
  AWS Trusted Advisor provides security and fault tolerance recommendations.
  Technical Account Manager enables enterprise-grade response times.
  Operations Support provides root-cause analysis and reporting.
  Infrastructure Event Management provides real-time support for migrations and planned events.
  Foundational objectives: increased availability; enhanced data protection; rigorous access and identity management.
  • 11. Deep Industry Expertise
  AWS Global Financial Services: our Financial Services team provides access to a range of resources.
  Market Segment Expertise: resources include former regulators and compliance officers, security experts, and technology specialists with industry experience.
  Best Practices: enablers to help customers address regulatory frameworks and maintain a compliance-ready environment.
  Training & Certification: industry-tailored technical and compliance training to accelerate cloud adoption.
  Professional Services: specialists with industry and technology experience that customers engage to define and implement a roadmap to compliance.
  AWS Partner Competency: global program comprising financial services technology and consulting companies that can help customers comply with different financial services industry regulations.
  Conferences & Affiliations: relationships with leading industry security and compliance groups like FS-ISAC.
  • 12. Regulatory Engagement
  We engage with regulators, both to guide and to communicate policy.
  Ongoing engagement with regulators: educate regulators to help examiners audit AWS environments; facilitate dialogue between the industry and its regulators.
  Assess and communicate policy: country-by-country impact assessments to map how financial institutions need to operate; region- and country-specific compliance guides to document key policy changes and responses; regulatory policy evaluations to assess the potential impact of regulations.
  Influence policy and enforcement: shape the regulatory landscape to reflect changes in technology; provide customers with the space and feedback channels they need to innovate.
  • 13. Security “In” The Cloud: AWS Security Essentials
  • 14. Evolving the Practice of Security Architecture
  Evolved security architecture practice:
  Architecture artifacts (design choices, narrative, etc.) are committed to common repositories (AWS CodeCommit, AWS CodePipeline, Jenkins).
  Complete solutions account for automation.
  Solution architectures are living audit/compliance artifacts and evidence in a closed loop.
  Security architecture can now be part of the “maker” team.
  • 15. AWS Cloud Adoption Framework
  AWS has a prescriptive approach to adoption of cloud services. The AWS Cloud Adoption Framework (AWS CAF) organizes guidance into six areas of focus, which span your entire organization.
    • We describe each of these areas of focus as Perspectives.
    • Perspectives each encompass distinct responsibilities owned by functionally related stakeholders.
  Three Perspectives address business stakeholders: Business, People, Governance.
  Three Perspectives address technology stakeholders: Platform, Security, Operations.
  • 16. Governance in the Cloud
  Customer risk appetite and desired control environment: customers decide on the appropriate controls and processes to manage and monitor the effectiveness of their customized controls. Based on the customer’s controls, companies can identify and document the controls operated by AWS.
  • 17. Compliance / Security Tools & Services
  Automating administrative tasks to support comprehensive governance:
  AWS Identity & Access Management (IAM): securely control access to AWS services and resources for your users.
  AWS Organizations: policy-based management for multiple AWS accounts.
  AWS Service Catalog & CloudFormation: AWS tools to manage approved services and golden environments across all accounts, lines of business, and user bases.
  AWS Config & Config Rules: AWS resource inventory, configuration history, and configuration change notifications & preventive rules.
  AWS Key Management Service (KMS): managed service to create and control encryption keys.
  AWS CloudHSM (Cloud Hardware Security Module): hardware-based key storage for regulatory compliance.
  Amazon Virtual Private Cloud (VPC): logically isolated section of the AWS cloud where you launch AWS resources in a virtual network that you define.
  AWS Direct Connect: dedicated network connection between your network and one of the AWS Direct Connect locations.
  AWS Shield: managed Distributed Denial of Service (DDoS) protection service that safeguards web applications running on AWS.
  AWS WAF: tool designed to filter malicious web traffic.
  Amazon Inspector: automated application security assessment service.
  AWS EC2 Systems Manager: fleet management for vulnerability scanning and patching.
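Worked example for the AWS Config & Config Rules entry above (added here; it is not code from the deck or from AWS). It shows the evaluation logic of a custom Config rule that checks two controls the shared responsibility model leaves on the customer side, default server-side encryption and a public access block on S3 buckets, and shapes the result for config:PutEvaluations. The configuration item layout (supplementaryConfiguration values as JSON strings), the bucket names and the helper names are assumptions, and the two items are constructed so the module runs offline; with no Config client passed in, the handler returns the evaluation instead of sending it.

```python
"""Custom AWS Config rule logic for S3 default encryption and public access block.

Added example, not from the deck. Assumptions (labelled): the configuration item
layout mirrors what AWS Config delivers for AWS::S3::Bucket, where
supplementaryConfiguration values are JSON-encoded strings; the sample items are
constructed so this runs offline without AWS credentials.
"""
import json

COMPLIANT = "COMPLIANT"
NON_COMPLIANT = "NON_COMPLIANT"
NOT_APPLICABLE = "NOT_APPLICABLE"
ALLOWED_SSE = {"AES256", "aws:kms"}
PAB_KEYS = ("blockPublicAcls", "ignorePublicAcls",
            "blockPublicPolicy", "restrictPublicBuckets")


def _supplementary(item, key):
    """supplementaryConfiguration entries arrive JSON-encoded; decode on demand."""
    raw = item.get("supplementaryConfiguration", {}).get(key)
    if raw is None:
        return None
    return json.loads(raw) if isinstance(raw, str) else raw


def evaluate_bucket(item):
    """Return (compliance_type, annotation) for one configuration item."""
    if item.get("resourceType") != "AWS::S3::Bucket":
        return NOT_APPLICABLE, "rule only evaluates S3 buckets"
    if item.get("configurationItemStatus") == "ResourceDeleted":
        return NOT_APPLICABLE, "bucket no longer exists"

    problems = []
    sse = _supplementary(item, "ServerSideEncryptionConfiguration") or {}
    algorithms = {
        rule.get("applyServerSideEncryptionByDefault", {}).get("sseAlgorithm")
        for rule in sse.get("rules", [])
    }
    if not algorithms & ALLOWED_SSE:
        problems.append("no default server-side encryption")

    pab = _supplementary(item, "PublicAccessBlockConfiguration") or {}
    if not all(pab.get(k) is True for k in PAB_KEYS):
        problems.append("public access block incomplete")

    if problems:
        return NON_COMPLIANT, "; ".join(problems)
    return COMPLIANT, "default SSE enabled and public access blocked"


def build_evaluation(item):
    """Dict in the shape config:PutEvaluations accepts."""
    compliance, annotation = evaluate_bucket(item)
    return {
        "ComplianceResourceType": item["resourceType"],
        "ComplianceResourceId": item["resourceId"],
        "ComplianceType": compliance,
        "Annotation": annotation[:256],  # Annotation is capped at 256 characters
        "OrderingTimestamp": item["configurationItemCaptureTime"],
    }


def lambda_handler(event, context=None, config_client=None):
    """Custom-rule entry point; Config passes invokingEvent as a JSON string.
    Offline (config_client=None) the evaluation is returned rather than reported."""
    invoking = json.loads(event["invokingEvent"])
    evaluation = build_evaluation(invoking["configurationItem"])
    if config_client is not None:  # real deployment: boto3 Config client
        config_client.put_evaluations(Evaluations=[evaluation],
                                      ResultToken=event["resultToken"])
    return evaluation


def demo_event(item, token="TESTMODE"):
    """Wrap a configuration item the way Config invokes the rule (constructed)."""
    return {"invokingEvent": json.dumps({"configurationItem": item}),
            "resultToken": token}


def _sample_item(bucket, sse_algorithm=None, public_blocked=False):
    """Constructed configuration item, not captured from a real account."""
    supplementary = {}
    if sse_algorithm:
        supplementary["ServerSideEncryptionConfiguration"] = json.dumps({
            "rules": [{"applyServerSideEncryptionByDefault":
                       {"sseAlgorithm": sse_algorithm, "kmsMasterKeyID": None}}]})
    if public_blocked:
        supplementary["PublicAccessBlockConfiguration"] = json.dumps(
            {k: True for k in PAB_KEYS})
    return {"resourceType": "AWS::S3::Bucket", "resourceId": bucket,
            "configurationItemStatus": "OK",
            "configurationItemCaptureTime": "2017-06-22T14:00:00.000Z",
            "supplementaryConfiguration": supplementary}


HARDENED_BUCKET = _sample_item("fsi-ledger-archive", "aws:kms", public_blocked=True)
WEAK_BUCKET = _sample_item("fsi-scratch")

if __name__ == "__main__":
    for item in (HARDENED_BUCKET, WEAK_BUCKET):
        print(json.dumps(lambda_handler(demo_event(item)), indent=2))
```

The rule deliberately reports NOT_APPLICABLE for deleted buckets and non-bucket resources rather than COMPLIANT, so a deleted resource never shows up as a passing control in the supervisory dashboard.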
  • 18. Security by Design Automates Security Operations
  Automate deployments, provisioning, and configurations:
  Design: CloudFormation templates describe the stack (instances, apps, resources).
  Package: Service Catalog products and portfolios.
  Constrain: Identity & Access Management sets permissions.
  Deploy: stacks launched from the approved products.
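Worked example for the design / package / constrain / deploy flow above (added here; not code from the deck or from AWS). It is a preventive gate that lints a CloudFormation template before it is packaged as a Service Catalog product, rejecting unencrypted S3 buckets, administrative ports open to the world, and unencrypted EBS volumes. The three checks are one possible baseline and the template is constructed for the demo; both are assumptions, not a published AWS control set.

```python
"""Preventive gate for CloudFormation templates ahead of Service Catalog packaging.

Added example, not from the deck. Assumptions (labelled): the three checks are one
institution's baseline, and SAMPLE_TEMPLATE is constructed, not taken from a real
environment.
"""
import ipaddress
import json

ADMIN_PORTS = (22, 3389)


def _resources(template, resource_type):
    """Yield (logical_id, properties) for every resource of the given type."""
    for logical_id, resource in template.get("Resources", {}).items():
        if resource.get("Type") == resource_type:
            yield logical_id, resource.get("Properties", {})


def check_s3_encryption(template):
    findings = []
    for logical_id, props in _resources(template, "AWS::S3::Bucket"):
        rules = props.get("BucketEncryption", {}).get("ServerSideEncryptionConfiguration", [])
        if not rules:
            findings.append(f"{logical_id}: S3 bucket has no BucketEncryption")
    return findings


def _world_open(cidr):
    """True for 0.0.0.0/0 or ::/0; a Ref/Sub intrinsic cannot be judged statically."""
    if not isinstance(cidr, str):
        return False
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def check_open_admin_ports(template):
    findings = []
    for logical_id, props in _resources(template, "AWS::EC2::SecurityGroup"):
        for rule in props.get("SecurityGroupIngress", []):
            cidr = rule.get("CidrIp") or rule.get("CidrIpv6")
            if cidr is None or not _world_open(cidr):
                continue
            low = int(rule.get("FromPort", 0))
            high = int(rule.get("ToPort", 65535))
            # IpProtocol "-1" means all traffic regardless of the port fields
            if rule.get("IpProtocol") == "-1" or any(low <= p <= high for p in ADMIN_PORTS):
                findings.append(f"{logical_id}: ingress {low}-{high} open to {cidr}")
    return findings


def check_ebs_encryption(template):
    findings = []
    for logical_id, props in _resources(template, "AWS::EC2::Volume"):
        if props.get("Encrypted") is not True:
            findings.append(f"{logical_id}: EBS volume is not encrypted")
    return findings


CHECKS = (check_s3_encryption, check_open_admin_ports, check_ebs_encryption)


def gate_template(template_json):
    """Return {'approved': bool, 'findings': [...]}; only approved templates get packaged."""
    template = json.loads(template_json)
    findings = [f for check in CHECKS for f in check(template)]
    return {"approved": not findings, "findings": findings}


# Constructed sample: one violation per check plus compliant resources alongside.
SAMPLE_TEMPLATE = json.dumps({
    "AWSTemplateFormatVersion": "2010-09-09",
    "Resources": {
        "ScratchBucket": {"Type": "AWS::S3::Bucket", "Properties": {}},
        "LedgerBucket": {"Type": "AWS::S3::Bucket", "Properties": {
            "BucketEncryption": {"ServerSideEncryptionConfiguration": [
                {"ServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms"}}]}}},
        "BastionSg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
            "GroupDescription": "bastion", "SecurityGroupIngress": [
                {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"},
                {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"}]}},
        "DataVolume": {"Type": "AWS::EC2::Volume", "Properties": {
            "Size": 100, "AvailabilityZone": "us-east-1a"}},
    },
})

if __name__ == "__main__":
    print(json.dumps(gate_template(SAMPLE_TEMPLATE), indent=2))
```

Run this as a pipeline stage between the template commit and the Service Catalog product version: a non-approved result fails the stage, and the findings list is the audit evidence that the control ran.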
  • 19. Three Lines of Defense using AWS Services
  1: Operations: AWS KMS, AWS IAM, Amazon VPC, AWS Shield, AWS WAF, AWS CloudFormation, AWS Service Catalog, AWS Organizations, Config Rules, AWS Trusted Advisor, Amazon SNS.
  2: Supervisory: AWS CloudTrail, Amazon CloudWatch, Amazon Inspector, Amazon SNS, Config Rules, AWS Config.
  3: Audit: AWS CloudTrail, AWS Artifact.
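Worked example for the supervisory line above (added here; not code from the deck or from AWS). It runs a small set of detections over CloudTrail records, the kind of logic that sits behind a CloudWatch alarm, and shapes each hit for sns:Publish: root credential use, CloudTrail logging being stopped or altered, KMS keys being disabled or scheduled for deletion, and IAM policy changes. The detections and their severities are one reasonable starting set, and the records are constructed in the documented CloudTrail record layout rather than captured from an account; both are assumptions.

```python
"""Supervisory-line detections over CloudTrail records, shaped for SNS.

Added example, not from the deck. Assumptions (labelled): the detections and
severities are a starting set, and SAMPLE_RECORDS are constructed, not captured.
"""
import json

HIGH, MEDIUM = "HIGH", "MEDIUM"
IAM_POLICY_EVENTS = {"PutUserPolicy", "PutRolePolicy", "PutGroupPolicy",
                     "AttachUserPolicy", "AttachRolePolicy", "AttachGroupPolicy",
                     "CreatePolicyVersion", "SetDefaultPolicyVersion"}


def root_usage(record):
    # Any call with root credentials; service-initiated events are excluded.
    if (record.get("userIdentity", {}).get("type") == "Root"
            and record.get("eventType") != "AwsServiceEvent"):
        return HIGH, "root account credentials used"


def trail_tampering(record):
    # Stopping or altering the trail blinds the supervisory and audit lines.
    if (record.get("eventSource") == "cloudtrail.amazonaws.com"
            and record.get("eventName") in {"StopLogging", "DeleteTrail", "UpdateTrail"}):
        name = record.get("requestParameters", {}).get("name", "?")
        return HIGH, f"{record['eventName']} on trail {name}"


def kms_key_disablement(record):
    # Data encrypted under a disabled or deleted CMK becomes unreadable.
    if (record.get("eventSource") == "kms.amazonaws.com"
            and record.get("eventName") in {"ScheduleKeyDeletion", "DisableKey"}):
        key = record.get("requestParameters", {}).get("keyId", "?")
        return HIGH, f"{record['eventName']} on key {key}"


def iam_policy_change(record):
    if (record.get("eventSource") == "iam.amazonaws.com"
            and record.get("eventName") in IAM_POLICY_EVENTS):
        return MEDIUM, f"IAM policy change: {record['eventName']}"


DETECTORS = (root_usage, trail_tampering, kms_key_disablement, iam_policy_change)


def analyse(records):
    """Run every detector over every record; one alert per (record, detector) hit."""
    alerts = []
    for record in records:
        for detector in DETECTORS:
            hit = detector(record)
            if hit is None:
                continue
            severity, summary = hit
            alerts.append({
                "severity": severity, "summary": summary,
                "eventTime": record.get("eventTime"),
                "principal": record.get("userIdentity", {}).get("arn"),
                "sourceIPAddress": record.get("sourceIPAddress"),
                "succeeded": "errorCode" not in record,  # denied attempts still alert
            })
    return alerts


def publish(alerts, sns_client=None, topic_arn=None):
    """Subject/Message pairs for sns:Publish (Subject is capped at 100 characters).
    With a boto3 SNS client and topic ARN they are sent; otherwise just returned."""
    messages = [{"Subject": f"[{a['severity']}] {a['summary']}"[:100],
                 "Message": json.dumps(a, sort_keys=True)} for a in alerts]
    if sns_client is not None:
        for m in messages:
            sns_client.publish(TopicArn=topic_arn, Subject=m["Subject"], Message=m["Message"])
    return messages


# Constructed records (not from a real account): four alerts expected, one benign call.
_BOB = {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/ops-bob"}
SAMPLE_RECORDS = [
    {"eventTime": "2017-06-22T13:01:07Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "eventType": "AwsConsoleSignIn",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::111122223333:root"},
     "sourceIPAddress": "203.0.113.10"},
    {"eventTime": "2017-06-22T13:04:11Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "eventType": "AwsApiCall", "userIdentity": _BOB,
     "requestParameters": {"name": "org-trail"}, "sourceIPAddress": "203.0.113.10"},
    {"eventTime": "2017-06-22T13:05:40Z", "eventSource": "kms.amazonaws.com",
     "eventName": "ScheduleKeyDeletion", "eventType": "AwsApiCall", "userIdentity": _BOB,
     "requestParameters": {"keyId": "1234abcd-12ab-34cd-56ef-1234567890ab"},
     "errorCode": "AccessDenied", "sourceIPAddress": "203.0.113.10"},
    {"eventTime": "2017-06-22T13:06:02Z", "eventSource": "iam.amazonaws.com",
     "eventName": "PutUserPolicy", "eventType": "AwsApiCall", "userIdentity": _BOB,
     "requestParameters": {"userName": "ops-bob"}, "sourceIPAddress": "203.0.113.10"},
    {"eventTime": "2017-06-22T13:09:02Z", "eventSource": "s3.amazonaws.com",
     "eventName": "ListBuckets", "eventType": "AwsApiCall",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/ReadOnly/audit"},
     "sourceIPAddress": "10.0.4.17"},
]

if __name__ == "__main__":
    for message in publish(analyse(SAMPLE_RECORDS)):
        print(message["Subject"])
```

A denied ScheduleKeyDeletion still produces an alert with succeeded=False: from the supervisory line's point of view, an attempt to destroy a key is as worth a look as a successful one.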
  • 20. Financial Services Competency Partners
  Systems Integrators & Consultants and Financial Services Providers: specialized firms who have experience in migrating FSI to the cloud.
  • 21. AWS Marketplace Security Partnerships
  A comprehensive set of offerings across multiple areas of concern: Infrastructure Security; Logging & Monitoring; Identity & Access Control; Configuration & Vulnerability Management; Data Protection.
  • 22. Getting Started
  Where to learn more about AWS’ security & compliance resources:
  Contact our Financial Services Security & Compliance Leaders: awscompliance@amazon.com
  View client testimonials at our Security & Compliance for Financial Services homepage: https://aws.amazon.com/financial-services/security-compliance/
  Consult the AWS Security & Compliance Quick Reference Guide: https://d0.awsstatic.com/whitepapers/compliance/AWS_Compliance_Quick_Reference.pdf
  Explore the AWS Artifact portal: https://aws.amazon.com/artifact/
  View our webinar on automating compliance in the cloud: https://aws.amazon.com/financial-services/security-compliance/
  Learn more about our security & compliance accelerators: https://aws.amazon.com/quickstart/
  • 23. Thank you
  John McDonald, Global Financial Services Security & Compliance Architect for AWS
  johnemcd@amazon.com