2. Top security myths on AWS!
Eliminated!
Martin Dominguez
Solutions Architect
mp_dominguez
Javier Olivo
Cloud Specialist McAfee
4. The three stages of cloud security curiosity
General cloud security: new to cloud and/or business teams
Specific service security: experienced in cloud and/or technology teams
Data security: advanced in cloud and/or risk teams
6. Myth 01
“The public cloud is not as secure as my on-premises infrastructure, and it is not as secure as my private cloud.”
7. 01: AWS security of the cloud and in the cloud
Visible | Automated | Physical
AWS’s global infrastructure is built to meet the requirements of the most security-sensitive organizations in the world
8. Myth 02
“When I put my data in the cloud I lose ownership of it, and it may be moved across different countries.”
9. 02: You own and control your content
Access | Traceability | Ownership
You retain ownership and control of your content, and you choose which region that content resides in
10. Myth 03
“I am a highly regulated business and I cannot use the cloud because of my legal compliance requirements.”
11. 03: AWS global compliance program
Countries | Enterprise agreement | Certifications
Our security assurance program meets or exceeds industry, country-specific, and global security requirements
13. Myth 04
“My business requires confidential personal data; I cannot use the cloud.”
14. 04: Using encryption on AWS
AWS KMS | High standards | Ubiquitous
AWS encryption services are integrated into dozens of our services and meet the strictest industry requirements
16. 05: Security testing on AWS
Seek approval | Or use pre-approved | Shared responsibility
AWS permits security testing of your resources in line with our acceptable usage policy, and we provide tools to help you
18. Myth 06
“All of my operating systems are patched automatically in the cloud.”
19. 06: Patch management on AWS
How we help | Our responsibility | Your responsibility
You are responsible for patching operating systems that you manage. AWS is responsible for patching services that we manage
20. Myth 07
“I cannot use the cloud to store confidential data because everyone will have access to it.”
21. 07: How to secure data in Amazon Simple Storage Service (Amazon S3)
Notify | Respond | Protect
Amazon S3 and our other storage services are secure by default. Customers control who can access their data, and AWS provides multiple tools so you can understand how access is configured
22. Myth 08
“I hear that secret keys get stolen; the way you grant access is not secure.”
23. 08: How to protect AWS credentials
Amazon GuardDuty | Multi-factor authentication | Temporary access
AWS provides a number of tools to protect your identity and access credentials and to help you detect misuse
24. Myth 09
“I cannot control the deletion of my data and I cannot verify that it has been deleted.”
25. 09: How AWS manages data deletion
Physical | Validated | Logical
When you delete your data we take multiple steps to wipe it and eventually destroy it. This process is validated by independent third parties
27. 10: How AWS protects serverless services
Identity | Limited surface | Building blocks
When you use AWS’s serverless services you inherit the multiple layers of strong security controls that are built into our core services
30. 11: How AWS manages information requests
Notification | Encryption | Valid requests
Amazon does not disclose customer information unless we’re required to do so to comply with a legally valid and binding order. Where we need to act publicly to protect customers, we do
31. Myth 12
“A malicious user can see my data through their shared administrative access.”
32. 12: How AWS manages administrative access
Process controls | Technology controls | Automation
AWS strictly controls our infrequent administrative access to services. This process has executive oversight within AWS and is validated by independent third parties
33. Myth 13
“It is possible to bypass your isolation technology and access someone else's data.”
34. 13: How AWS secures the hypervisor
Experience | Customization & innovation | Isolation
AWS has over a decade of experience securing our virtualization technology. We provide a deep level of isolation within the cloud
36. Security benefits of the AWS cloud
Automate with deeply integrated security services
Inherit global security and compliance controls
Highest standards for privacy and data security
Largest network of security partners and solutions
Scale with superior visibility and control