The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that "Tom is the only person who can access this data object that I store with Amazon, and he can do so only from his corporate desktop on the corporate network, from Monday–Friday 9–5, and when he uses MFA?" That's the level of granularity you can choose to implement if you wish. In this session, we'll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.