AWS Summit Milan - Capire la Sicurezza Keynote

1,242 views

Published on

Published in: Technology

AWS Summit Milan - Capire la Sicurezza Keynote

  1. 1. Amazon Web Services Security & Compliance Overview Dob Todorov Principal Security & Compliance Architect EMEA
  2. 2. undifferentiated heavy lifting
  3. 3. utility computing
  4. 4. Hundreds of Thousands of Customers in 190 Countries…
  5. 5. GovCloud US West US West US East (US ITAR Region) (Northern California) (Oregon) (Northern Virginia) South America EU (Sao Paulo) (Ireland) Asia Pacific Asia Pacific (Singapore) (Tokyo) Asia Pacific (Sydney) AWS Regions AWS Edge Locations
  6. 6. EU West US East Asia Pacific Asia Pacific (Dublin) (Virginia) (Tokyo) (Australia) A B A B A C A B A C B A B B A B C B A US West US West South America Asia Pacific (Northern California) (Oregon) (Sao Paolo) (Singapore)
  7. 7. Personal Data Protection in Europe • EC Directive 95/46/EC: Personal Data Protection • Use Amazon Web Services Dublin Region • Safe Harbour EU Compliant • Safe Harbour Switzerland Compliant
  8. 8. The Shared Responsibility Model in the Cloud Customer Data Platform, Applications, Identity & Access Management Operating System, Network & Firewall Configuration Client-side Data Encryption & Data Integrity Authentication Server-side Encryption (File System and/or Data) Network Traffic Protection (Encryption/Integrity/Identity) Optional -- Opaque Data: 0s and 1s (in flight/at rest) Foundation Services Compute AWS Global Infrastructure Database Storage Availability Zones Regions Networking Edge Locations
  9. 9. The Shared Responsibility Model in the Cloud Customer Data Security IN the Cloud Platform, Applications, Identity & Access Management Operating System, Network & Firewall Configuration Client-side Data Encryption & Data Integrity Authentication Server-side Encryption (File System and/or Data) Network Traffic Protection (Encryption/Integrity/Identity) Optional -- Opaque Data: 0s and 1s (in flight/at rest) Foundation Services Compute Security OF the Cloud AWS Global Infrastructure Database Storage Availability Zones Regions Networking Edge Locations
  10. 10. User Identification, Authentication and Authorisation in the Cloud Enterprise Applications Active Directory/ LDAP Corporate Systems AD/LDAP Users EC2 DynamoDB Amazon Identity & Access Management IAM Users S3
  11. 11. User Identification, Authentication and Authorisation in the Cloud Enterprise Applications Corporate Systems Active Directory/ LDAP AD/LDAP Users EC2 DynamoDB Amazon Identity & Access Management Access Token for Federated Access S3
  12. 12. Customer-managed Controls on Amazon EC2 Security IN the Cloud Security OF the Cloud
  13. 13. Data Protection at Rest and in Flight Application-level Encryption Platform-level Encryption Network Traffic Encryption Volume-level Encryption
  14. 14. AWS Certifications & Accreditations Security IN the Cloud Security OF the Cloud
  15. 15. Online Top Up service Giuseppe Vironda – Head of Online Sales & Services Simone Bruschi – Head of Online Technology
  16. 16. Top Up Italy Top Up total turnover > 9 Billion €* Vodafone > market leader Online > channel share increase * VAT Included – source: internal research
  17. 17. Previous Online Top Up CEX (1/3) Registration needed 1 2 3
  18. 18. Previous Online Top Up CEX (2/3) Personal information required 4 6 5
  19. 19. Previous Online Top Up CEX (3/3) O K 6 Steps 31 fields required Turnaround needed! 7 click required
  20. 20. Pillars of the new Top Up service • Flexibility • Multichannel approach • Scalability • Business continuity • Security & PCI/DSS • Time To Market 20
  21. 21. New Customer Experience 2 1 CONVERSION RATE X4 NPS +10 points • 2 Steps • 2 Click • 5 fields required OK
  22. 22. Some example of flexibility Top Up Receipt Promotion Tool PayPal /Amex On/Off 3D Secure Content Management System ... and many others coming...
  23. 23. Multichannel approach Smartphone and App Desktop and Tablet Easy to integrate on new platforms Social Network
  24. 24. New Technical Solution +
  25. 25. Volume Scalability Volume of Top Up +90% +80% Large daily variability Same PERFORMANCE LEVEL
  26. 26. Business continuity 0 DOWN of top up service Business Continuity even during technical release Top Up service available 365gg / 24h
  27. 27. Security & PCI/DSS + eCommerce service of virtual goods without 3D secure and no personal data required (mail, C.F., etc.) PCI/DSS compliancy on Cloud solution
  28. 28. Time To Market 3 months From concept to go live Go Live without defect and roll back
  29. 29. Thank You
  30. 30. THANK YOU todorov@amazon.co.uk

×