Compliance and Security on AWS


Published on

AWS Security Assurance
AWS’ Alignment with Regulations and Standards
Security Features on AWS
Security Best Practices for Deployment on AWS
Gartner’s Magic Quadrant on Cloud IaaS

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Compliance and Security on AWS

  1. 1. Compliance and Security on AWS
  2. 2. AWS Assurance ● Shared Responsibility – ● Certifications & Audits – ● AWS has achieved ISO 27001 certification and has been validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS). AWS undergoes annual SOC 1 audits. Reports – ● AWS Compliance provides assurance related to the underlying infrastructure and your organization owns the compliance initiatives related to anything placed on the AWS infrastructure. Customers can request the reports and certifications produced by AWS' third-party auditors which attest to the design and operating effectiveness of the AWS environment. Highly Secure Data Centers – AWS utilizes state-of-the-art electronic surveillance and multi-factor access control systems. Access is authorized strictly on a least privileged basis.
  3. 3. AWS’ Alignment with Regulations and Standards For more info:
  4. 4. Security Features on AWS ● Virtual Private Cloud – ● Identity & Access Management – ● AWS API call history enabling security analysis, resource change tracking, and compliance auditing Encryption – ● extra level of security using an authentication device Audit Trails (AWS CloudTrail) – ● Enable users from an existing directory (eg. Microsoft Active Directory) to access resources within your AWS account Multi-Factor Authentication – ● Unique security credentials, role separation and least privilege Identity Federation – ● private subnets & IPsec VPN tunnels Encrypted data storage using AES 256 and secure HTTP access (HTTPS) to API endpoints Built-in firewalls – security groups & access control lists
  5. 5. Security Best Practices for Deployment on AWS ● Enforce strong password policies ● Secure Base AMIs ● Regular Security updates & OS patches ● Setup Bastion hosts ● Setup a host based bi-directional firewall ● Use Intrusion prevention systems ● Perform regular Vulnerability Assessments ● Log host level and application level events
  6. 6. A Few Enterprises on AWS For more info:
  7. 7. Gartner’s Magic Quadrant on Cloud IaaS
  8. 8. About Neev Web Mobile Magento eCommerce SaaS Applications Video Streaming Portals Rich Internet Apps Custom Development iPhone Android Windows Phone 7 HTML5 Apps Cloud AWS Consulting Partner Rackspace Joyent Heroku Google App Engine Key Company Highlights 250+ team with experience in managing offshore, distributed development. Neev Technologies established in Jan ’05 User Interface Design and User Experience Design VC Funding in 2009 By Basil Partners Performance Consulting Practices Part of Publicis Groupe Quality Assurance & Testing Outsourced Product Development Member of NASSCOM. Offices at Bangalore and Pune.
  9. 9. Neev Cloud Services Cloud Application Design & Development Cloud Infrastructure Management Architecting & Developing for the Cloud Cloud Deployments & Monitoring An Official AWS Solution Provider and a premier AWS Consulting partner Using AWS since the year it was launched
  10. 10. Cloud and AWS Expertise @ Neev Cloud Expertise • • • • • • • • • • • EC2 Auto-scale,ELB Route53 S3, CloudFront RDS Elasticache SQS SES, SNS IAM CloudWatch Elastic Beanstalk • • • • • • Domains Retail eCommerce Social Education Gaming Video transformation & delivery • Custom ERP • Marketing
  11. 11. A Few Clients
  12. 12. Partnerships
  13. 13. Neev Information Technologies Pvt. Ltd. India - Bangalore India - Pune The Estate, # 121,6th Floor, #13 L’Square, 3rd Floor Dickenson Road Parihar Chowk, Aundh, Bangalore-560042 Pune – 411007. Phone :+91 80 25594416 Phone : +91-64103338 For more info on our offerings, visit