© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Amazon WorkSpaces for Regulated Industries (BAP211)
Eric Jones, Sr Product Manager, Amazon WorkSpaces
Ron Bledsoe, Sr Engineer, Bridgewater Associates
Andrew Wood, Sr Specialized EUC SA, AWS Solutions Architecture
Agenda
Amazon WorkSpaces capabilities for regulated industries
Regulatory/compliance availability
Features for security posture
Use case: Bridgewater Associates
Using Amazon WorkSpaces to help meet high security requirements
Regulations focus: EMEA
How EMEA customers meet new regulations with Amazon WorkSpaces
A cost-effective, managed cloud desktop for flexible work styles
• Managed desktop-as-a-service (DaaS) offering hosted in the AWS cloud
• Secure access to the business desktop: applications, documents, and corporate resources
• Fast, responsive user experience on any network
• Available on a wide range of personal devices, including iPads, Android tablets, Macs, PCs, laptops, and Chromebooks
• Cloud economics: scale at your pace and only pay for what you use
Included with Amazon WorkSpaces
• Compliance
• Ongoing programs
• Data sovereignty
• Features and partner solutions
• Auditing
• Security
• Access controls
Compliance programs
Current: GDPR, DoD SRG
Amazon WorkSpaces security features – New in 2018
IP-based access controls
• Select IP addresses from which users can access Amazon WorkSpaces
Amazon WorkSpaces access events
• View, search, download, archive, analyze, and respond to successful logins to your Amazon WorkSpaces
Custom login workflows
• Generate custom links containing login information with Uniform Resource Identifier support
[Diagram: reference architecture, built up over several slides. A corporate network (Active Directory, SIEM, MFA via RADIUS) connects to AWS over Direct Connect or VPN; the security controls layered on Amazon WorkSpaces are certificate authentication, IP access controls, MFA, and CloudWatch Events.]
[Image: Earth at night. Data courtesy Marc Imhoff of NASA GSFC and Christopher Elvidge of NOAA NGDC; image by Craig Mayhew and Robert Simmon, NASA GSFC; NASA Visible Earth, cropped from Image:Earthlights dmsp.jpg by Luestling, 2005, German Wikipedia; public domain, https://commons.wikimedia.org/w/index.php?curid=409353]
Related sessions
Thursday, November 29
BAP305: How to move to Amazon WorkSpaces and replace your legacy VDI
1:45 p.m. – 2:45 p.m. | MGM, Level 3, Premier Ballroom 319, T2
Friday, November 30
BAP323: Move your Desktops and Applications to AWS with Amazon WorkSpaces and AppStream 2.0
10:00 a.m. – 11:00 a.m. | Venetian, Level 4, Lando 4202, T1
Thank you!
Eric Jones
ejjonesa@amazon.com
Appendix: WorkSpaces features
IP-based access controls: control Amazon WorkSpaces access
• Select IP addresses from which users can access Amazon WorkSpaces
• Create groups of custom rules specifying which IP addresses users can access Amazon WorkSpaces from
Benefits
• Ensure that Amazon WorkSpaces are only accessed from trusted networks
• Groups can be applied at the individual directory level from the Amazon WorkSpaces console or through APIs
Limitations
• Cannot be enabled for the Web Access client
[Diagram: Amazon WorkSpaces client → source IP check → AWS Cloud]
CloudWatch Events on Amazon WorkSpaces access: identify Amazon WorkSpaces access
• View, search, download, archive, analyze, and respond to successful logins to your Amazon WorkSpaces
• Monitor client WAN IP addresses, operating system, Amazon WorkSpaces ID, and Directory ID information for users’ logins to Amazon WorkSpaces
Benefits
• Learn when, where, and how your users log in to and access their Amazon WorkSpaces
• Set up automated actions based on how a WorkSpace is accessed
[Diagram: Amazon WorkSpaces client → CloudWatch Events → Amazon WorkSpaces Access event (on login success)]
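The kind of automated action the IP-based access controls slide and the CloudWatch Events slide describe, written in Go as an added example (not code from the deck or from AWS): it parses constructed "WorkSpaces Access" events and flags successful logins whose client WAN IP falls outside the same trusted CIDRs an IP access control group would hold, with a distinct reason for the Web Access client, which IP access control groups cannot cover. The envelope and detail field names and the WorkSpacesWebClient product name follow AWS's documented event; the trusted ranges, IDs and the other product names are constructed placeholders.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net"
)

// AccessEvent mirrors the CloudWatch Events "WorkSpaces Access" envelope. The field
// names follow the documented event; every value in this file is constructed.
type AccessEvent struct {
	DetailType string `json:"detail-type"`
	Source     string `json:"source"`
	Detail     struct {
		ClientIPAddress             string `json:"clientIpAddress"`
		ActionType                  string `json:"actionType"`
		WorkspacesClientProductName string `json:"workspacesClientProductName"`
		LoginTime                   string `json:"loginTime"`
		WorkspaceID                 string `json:"workspaceId"`
		DirectoryID                 string `json:"directoryId"`
		ClientPlatform              string `json:"clientPlatform"`
	} `json:"detail"`
}

// Finding is the record an automated action (alert, ticket, stopping the WorkSpace) acts on.
type Finding struct {
	WorkspaceID, DirectoryID, ClientIP, Client, LoginTime, Reason string
}

const webClient = "WorkSpacesWebClient" // product name the event carries for Web Access logins

// TrustedCIDRs is the same list you would put in an IP access control group
// (constructed ranges: RFC 5737 documentation space and RFC 1918).
var TrustedCIDRs = []string{"198.51.100.0/24", "10.0.0.0/8"}

// ParseTrusted validates the CIDR list once, up front, instead of on every event.
func ParseTrusted(cidrs []string) ([]*net.IPNet, error) {
	nets := make([]*net.IPNet, 0, len(cidrs))
	for _, c := range cidrs {
		_, n, err := net.ParseCIDR(c)
		if err != nil {
			return nil, fmt.Errorf("bad trusted CIDR %q: %w", c, err)
		}
		nets = append(nets, n)
	}
	return nets, nil
}

// Evaluate returns nil for anything that is not a successful WorkSpaces login or that came
// from a trusted network, and a Finding otherwise. IP access control groups are not enforced
// for the Web Access client, so a web login from an untrusted address is the gap this closes.
func Evaluate(raw []byte, nets []*net.IPNet) (*Finding, error) {
	var ev AccessEvent
	if err := json.Unmarshal(raw, &ev); err != nil {
		return nil, err
	}
	d := ev.Detail
	if ev.Source != "aws.workspaces" || ev.DetailType != "WorkSpaces Access" || d.ActionType != "userLogin" {
		return nil, nil
	}
	ip := net.ParseIP(d.ClientIPAddress)
	if ip == nil { // report rather than silently ignore a malformed address
		return nil, fmt.Errorf("%s: unparsable clientIpAddress %q", d.WorkspaceID, d.ClientIPAddress)
	}
	for _, n := range nets {
		if n.Contains(ip) {
			return nil, nil // trusted network, nothing to do
		}
	}
	f := &Finding{WorkspaceID: d.WorkspaceID, DirectoryID: d.DirectoryID, ClientIP: d.ClientIPAddress,
		Client: d.WorkspacesClientProductName, LoginTime: d.LoginTime, Reason: "login from outside the trusted networks"}
	if f.Client == webClient {
		f.Reason = "Web Access login from outside the trusted networks (IP access control groups do not cover this client)"
	}
	return f, nil
}

// SampleEvents are constructed: IDs are placeholders and the non-web product names are illustrative.
var SampleEvents = []string{
	`{"version":"0","id":"placeholder-1","detail-type":"WorkSpaces Access","source":"aws.workspaces","account":"123456789012","time":"2018-11-28T17:10:00Z","region":"us-east-1","resources":[],"detail":{"clientIpAddress":"198.51.100.23","actionType":"userLogin","workspacesClientProductName":"WorkSpacesWindowsClient","loginTime":"2018-11-28T17:10:00.000Z","workspaceId":"ws-placeholder1","directoryId":"d-placeholder","clientPlatform":"Windows"}}`,
	`{"version":"0","id":"placeholder-2","detail-type":"WorkSpaces Access","source":"aws.workspaces","account":"123456789012","time":"2018-11-28T17:12:00Z","region":"us-east-1","resources":[],"detail":{"clientIpAddress":"203.0.113.9","actionType":"userLogin","workspacesClientProductName":"WorkSpacesWebClient","loginTime":"2018-11-28T17:12:00.000Z","workspaceId":"ws-placeholder2","directoryId":"d-placeholder","clientPlatform":"Web"}}`,
	`{"version":"0","id":"placeholder-3","detail-type":"WorkSpaces Access","source":"aws.workspaces","account":"123456789012","time":"2018-11-28T17:15:00Z","region":"us-east-1","resources":[],"detail":{"clientIpAddress":"203.0.113.77","actionType":"userLogin","workspacesClientProductName":"WorkSpacesWindowsClient","loginTime":"2018-11-28T17:15:00.000Z","workspaceId":"ws-placeholder3","directoryId":"d-placeholder","clientPlatform":"Windows"}}`,
	`{"version":"0","id":"placeholder-4","detail-type":"WorkSpaces Access","source":"aws.workspaces","account":"123456789012","time":"2018-11-28T17:20:00Z","region":"us-east-1","resources":[],"detail":{"clientIpAddress":"not-an-ip","actionType":"userLogin","workspacesClientProductName":"WorkSpacesMacClient","loginTime":"2018-11-28T17:20:00.000Z","workspaceId":"ws-placeholder4","directoryId":"d-placeholder","clientPlatform":"macOS"}}`,
}

func main() {
	nets, err := ParseTrusted(TrustedCIDRs)
	if err != nil {
		panic(err)
	}
	for _, raw := range SampleEvents {
		if f, err := Evaluate([]byte(raw), nets); err != nil {
			fmt.Println("error:", err)
		} else if f != nil {
			fmt.Printf("ALERT %s (%s) from %s via %s at %s: %s\n", f.WorkspaceID, f.DirectoryID, f.ClientIP, f.Client, f.LoginTime, f.Reason)
		}
	}
}
```

In a deployment this function would sit behind a CloudWatch Events rule matching source aws.workspaces; feeding the same trusted list to both the IP access control group and this check keeps the preventive and detective controls in agreement.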
Certificate authentication: managed device authentication
Benefits
• Access control based on the client device type and certificates
How does it work?
• Customers deploy device certificates to managed devices
• The Amazon WorkSpaces service stores the root certificate (public key only)
• The Amazon WorkSpaces application makes an authentication request, and the service returns a randomly generated nonce along with the root certificate
• The app locates a device certificate that chains to the root authority of the certificate provided by the service
• The app signs the nonce with the private key of the device certificate and sends the signature to the service along with the public key
• The service validates that the nonce was signed by the device certificate and allows authentication to proceed
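The challenge-response the "How does it work?" bullets describe, as an added example in Go that is not AWS's implementation: a root CA and a device certificate are generated in-process, the service keeps only the root's public certificate plus the nonces it has issued, the client signs the nonce with the device key, and the service checks the chain and then the signature. Ed25519 keys, single-use nonces and the clientAuth extended key usage are choices made here for the example; AWS does not document these internals.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// issueCert generates a key pair and a certificate for cn signed by parent (self-signed
// when parent is nil). CA certs get the certSign key usage, device certs the clientAuth EKU.
func issueCert(cn string, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	_, key, err := ed25519.GenerateKey(rand.Reader)
	must(err)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn}, IsCA: isCA,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, BasicConstraintsValid: true,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, key.Public(), parentKey)
	must(err)
	cert, err := x509.ParseCertificate(der)
	must(err)
	return cert, key
}

// Service models the WorkSpaces side: only the root certificate (public key) and the outstanding nonces.
type Service struct {
	roots  *x509.CertPool
	nonces map[string]bool
}

func NewService(root *x509.Certificate) *Service {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	return &Service{roots: pool, nonces: map[string]bool{}}
}

// Challenge issues a fresh random nonce (the real service also returns its root certificate
// so the client can locate a device certificate that chains to it).
func (s *Service) Challenge() []byte {
	nonce := make([]byte, 32)
	_, err := rand.Read(nonce)
	must(err)
	s.nonces[string(nonce)] = true
	return nonce
}

// SignNonce is the client step: sign the nonce with the device certificate's private key.
func SignNonce(devKey ed25519.PrivateKey, nonce []byte) []byte {
	return ed25519.Sign(devKey, nonce)
}

// Verify lets authentication proceed only if the nonce is ours and unused, the presented
// certificate chains to our root, and the signature over the nonce verifies under its key.
func (s *Service) Verify(nonce, sig, deviceDER []byte) error {
	if !s.nonces[string(nonce)] {
		return fmt.Errorf("unknown or already-used nonce")
	}
	delete(s.nonces, string(nonce)) // single use, so a captured signature cannot be replayed
	cert, err := x509.ParseCertificate(deviceDER)
	if err != nil {
		return err
	}
	opts := x509.VerifyOptions{Roots: s.roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := cert.Verify(opts); err != nil {
		return fmt.Errorf("device certificate does not chain to the trusted root: %w", err)
	}
	if err := cert.CheckSignature(x509.PureEd25519, nonce, sig); err != nil {
		return fmt.Errorf("nonce signature rejected: %w", err)
	}
	return nil
}

func main() {
	root, rootKey := issueCert("Corp Device Root", true, nil, nil)
	dev, devKey := issueCert("laptop-0001", false, root, rootKey)
	svc := NewService(root)
	nonce := svc.Challenge()
	sig := SignNonce(devKey, nonce)
	fmt.Println("managed device:", svc.Verify(nonce, sig, dev.Raw), "| replay:", svc.Verify(nonce, sig, dev.Raw))
}
```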
Encryption: encrypt Amazon WorkSpaces volumes
• Data in transit and at rest is encrypted using 256-bit AES encryption
• Integrates with the AWS Key Management Service (AWS KMS)
• Use your AWS KMS keys to encrypt Amazon WorkSpaces
• Encrypt up to 30 Amazon WorkSpaces with a single key
• Can encrypt both the root and the user volume
• No material performance impact
Pricing
• Pay for AWS KMS keys and Amazon WorkSpaces; no additional charge
Partner solutions
• Authentication portals
• Multi-factor authentication
• Endpoint inspection
• Anti-virus protection
• Network inspection
• Web proxy

 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Amazon WorkSpaces for Regulated Industries (BAP211) - AWS re:Invent 2018

  • 2. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon WorkSpaces for Regulated Industries (BAP211). Speakers: Eric Jones, Sr Product Manager, Amazon WorkSpaces; Ron Bledsoe, Sr Engineer, Bridgewater Associates; Andrew Wood, Sr Specialized EUC SA, AWS Solutions Architecture
  • 3. Agenda
    • Amazon WorkSpaces capabilities for regulated industries: regulatory/compliance availability; features for security posture
    • Use case: Bridgewater Associates: using Amazon WorkSpaces to help meet high security requirements
    • Regulations focus: EMEA: how EMEA customers meet new regulations with Amazon WorkSpaces
  • 5. A cost-effective, managed cloud desktop for flexible work styles
    • Managed desktop-as-a-service (DaaS) offering hosted in the AWS cloud
    • Secure access to the business desktop: applications, documents, and corporate resources
    • Fast, responsive user experience on any network
    • Available on a wide range of personal devices including iPads, Android tablets, Macs, PCs, laptops, and Chromebooks
    • Cloud economics: scale at your pace and only pay for what you use
  • 6. Included with Amazon WorkSpaces
    • Compliance
    • Ongoing programs
    • Data sovereignty
    • Features and partner solutions
    • Auditing
    • Security
    • Access controls
  • 7. Compliance programs (logo slide, labelled "Current"): GDPR, DoD SRG
  • 8. Amazon WorkSpaces security features – new in 2018
    • IP-based access controls: select IP addresses from which users can access Amazon WorkSpaces
    • Amazon WorkSpaces access events: view, search, download, archive, analyze, and respond to successful logins to your Amazon WorkSpaces
    • Custom login workflows: generate custom links containing login information with Uniform Resource Identifier support
  • 10–14. Architecture diagram, built up over five slides: the corporate network (Active Directory, SIEM, MFA via RADIUS) connects to AWS over Direct Connect or VPN; the security controls shown on the AWS side are certificate auth, IP access controls, MFA, and CloudWatch Events.
  • 16. World map image. Credit: data courtesy Marc Imhoff of NASA GSFC and Christopher Elvidge of NOAA NGDC; image by Craig Mayhew and Robert Simmon, NASA GSFC (NASA Visible Earth), cropped from Image:Earthlights dmsp.jpg by Luestling, from German Wikipedia, public domain, https://commons.wikimedia.org/w/index.php?curid=409353
  • 18. Related sessions
    • Thursday, November 29 – BAP305: How to move to Amazon WorkSpaces and replace your legacy VDI, 1:45 p.m. – 2:45 p.m. | MGM, Level 3, Premier Ballroom 319, T2
    • Friday, November 30 – BAP323: Move your Desktops and Applications to AWS with Amazon WorkSpaces and AppStream 2.0, 10:00 a.m. – 11:00 a.m. | Venetian, Level 4, Lando 4202, T1
  • 19. Thank you! Eric Jones, ejjonesa@amazon.com
  • 21. Appendix: WorkSpaces features
  • 22. IP-based access controls: control Amazon WorkSpaces access
    • Select IP addresses from which users can access Amazon WorkSpaces
    • Create groups of custom rules specifying which IP addresses users can access Amazon WorkSpaces from
    • Benefits: ensure that Amazon WorkSpaces are only accessed from trusted networks; groups can be applied at the individual directory level from the Amazon WorkSpaces console or through APIs
    • Limitations: cannot be enabled for the Web Access client
    • Diagram: Amazon WorkSpaces client, source IP check, AWS Cloud
  • 23. CloudWatch Events on Amazon WorkSpaces access: identify Amazon WorkSpaces access
    • View, search, download, archive, analyze, and respond to successful logins to your Amazon WorkSpaces
    • Monitor client WAN IP addresses, operating system, Amazon WorkSpaces ID, and Directory ID information for users' logins to Amazon WorkSpaces
    • Benefits: learn when, where, and how your users log in to and access their Amazon WorkSpaces; set up automated actions based on how a WorkSpace is accessed
    • Diagram: Amazon WorkSpaces client, CloudWatch Events; an Amazon WorkSpaces access event is emitted on login success
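The Python below is an added example, not code from the deck or from AWS. It consumes a CloudWatch Events "WorkSpaces Access" event (field layout as documented for the aws.workspaces source; the values are constructed) and flags successful logins whose client WAN IP falls outside a list of trusted CIDRs. It serves both this slide and slide 22: because an IP access control group cannot be enabled for the Web Access client, the automated action on a login event is the compensating detection for that client. The rule list, group name and the `create_trusted_ip_group` helper are assumptions; the helper shows the boto3 calls but is not executed here.

```python
"""Evaluate an Amazon WorkSpaces access event against trusted-network rules.

Added example, not AWS code. SAMPLE_EVENT follows the documented
"WorkSpaces Access" event shape from the aws.workspaces source; all values
in it are constructed placeholders.
"""
import ipaddress

# Constructed trusted-network rules, in the shape an IP access control group takes.
TRUSTED_RULES = [
    {"ipRule": "198.51.100.0/24", "ruleDesc": "HQ office egress (constructed)"},
    {"ipRule": "203.0.113.10/32", "ruleDesc": "VPN concentrator (constructed)"},
]

# Constructed sample event: a web-client login from an address outside the rules.
SAMPLE_EVENT = {
    "version": "0",
    "id": "00000000-0000-0000-0000-000000000000",
    "detail-type": "WorkSpaces Access",
    "source": "aws.workspaces",
    "account": "123456789012",
    "time": "2018-11-28T16:51:56Z",
    "region": "us-west-2",
    "resources": [],
    "detail": {
        "clientIpAddress": "192.0.2.77",
        "actionType": "successfulLogin",
        "workspacesClientProductName": "WorkSpacesWebClient",
        "loginTime": "2018-11-28T16:51:19.142Z",
        "workspaceId": "ws-exampleid01",
        "directoryId": "d-exampledir01",
        "clientPlatform": "Windows",
        "clientVersion": "2.2.5",
    },
}


def ip_allowed(ip, rules=TRUSTED_RULES):
    """True if ip falls inside any rule CIDR; an unparseable address is never allowed."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in ipaddress.ip_network(r["ipRule"], strict=False) for r in rules)


def evaluate_access_event(event, rules=TRUSTED_RULES):
    """Classify one event as ignore / allow / alert, with the reasons for an alert."""
    if event.get("source") != "aws.workspaces" or event.get("detail-type") != "WorkSpaces Access":
        return {"action": "ignore", "reasons": ["not a WorkSpaces access event"]}
    detail = event.get("detail", {})
    if detail.get("actionType") != "successfulLogin":
        return {"action": "ignore", "reasons": ["not a successful login"]}
    reasons = []
    ip = detail.get("clientIpAddress", "")
    if not ip_allowed(ip, rules):
        reasons.append(f"client WAN IP {ip} is outside the trusted networks")
        if detail.get("workspacesClientProductName") == "WorkSpacesWebClient":
            # IP access control groups do not cover the Web Access client, so this
            # login was not blocked up front; the event is where it gets caught.
            reasons.append("web access client is not covered by IP access control groups")
    return {
        "action": "alert" if reasons else "allow",
        "workspaceId": detail.get("workspaceId"),
        "directoryId": detail.get("directoryId"),
        "client": detail.get("workspacesClientProductName"),
        "clientIp": ip,
        "reasons": reasons,
    }


def lambda_handler(event, context):
    """Lambda target for a CloudWatch Events rule matching source aws.workspaces."""
    return evaluate_access_event(event)


def create_trusted_ip_group(directory_id, rules=TRUSTED_RULES, region="us-west-2"):
    """Deploy the same rules as an IP access control group on a directory.

    Not executed in this example; requires boto3 and AWS credentials.
    """
    import boto3  # imported here so the rest of the module runs without it
    ws = boto3.client("workspaces", region_name=region)
    group_id = ws.create_ip_group(GroupName="trusted-networks",
                                  GroupDesc="Office and VPN egress ranges",
                                  UserRules=rules)["GroupId"]
    ws.associate_ip_groups(DirectoryId=directory_id, GroupIds=[group_id])
    return group_id


if __name__ == "__main__":
    print(evaluate_access_event(SAMPLE_EVENT))
```

Run as a script it prints an alert for the constructed event (outside-range address, web client). Keeping `TRUSTED_RULES` as the single source for both the preventive group and the detection keeps the two controls from drifting apart.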
  • 24. Certificate authentication: managed device authentication
    • Benefits: access control based on the client device type and certificates
    • How does it work?
      • Customers deploy device certificates to managed devices
      • The Amazon WorkSpaces service stores the root certificate (public key only)
      • The Amazon WorkSpaces application makes an authentication request and the service returns a randomly generated nonce along with the root certificate
      • The app locates a device certificate chaining to the root authority of the certificate provided by the service
      • The app signs the nonce with the private key of the device certificate and sends the signature to the service along with the public key
      • The service validates that the nonce is signed by the device certificate and allows authentication to proceed
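A runnable model of the exchange on this slide, added here as an example and not the WorkSpaces client or service code. It assumes the third-party `cryptography` package and generates a root CA and a device certificate in-process as constructed test material; the class and function names are illustrative. The service side holds only the root certificate, checks that the presented device certificate chains to it and is within its validity period, verifies the signature over the nonce, and treats each nonce as single-use so a captured response cannot be replayed.

```python
"""Challenge-response device authentication with a device certificate.

Added example, not AWS code. Service holds the root certificate (public key
only); the client holds a device certificate issued under that root plus the
matching private key. Requires the `cryptography` package.
"""
import secrets
from datetime import datetime, timedelta, timezone

from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

ALG = ec.ECDSA(hashes.SHA256())  # signature scheme used over the nonce


def _validity(cert):
    """(not_before, not_after) as aware UTC datetimes, across cryptography versions."""
    try:
        return cert.not_valid_before_utc, cert.not_valid_after_utc
    except AttributeError:  # cryptography < 42 exposes naive datetimes only
        return (cert.not_valid_before.replace(tzinfo=timezone.utc),
                cert.not_valid_after.replace(tzinfo=timezone.utc))


def _build(subject, issuer, pub, signer, days, ca):
    now = datetime.now(timezone.utc)
    return (x509.CertificateBuilder()
            .subject_name(subject).issuer_name(issuer).public_key(pub)
            .serial_number(x509.random_serial_number())
            .not_valid_before(now - timedelta(minutes=5))
            .not_valid_after(now + timedelta(days=days))
            .add_extension(x509.BasicConstraints(ca=ca, path_length=None), critical=True)
            .sign(signer, hashes.SHA256()))


def make_root(common_name):
    """Constructed root CA standing in for the customer's device PKI."""
    key = ec.generate_private_key(ec.SECP256R1())
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)])
    return key, _build(name, name, key.public_key(), key, 3650, ca=True)


def issue_device_cert(root_key, root_cert, device_name, days=365):
    """Device certificate as an MDM would deploy it to a managed device."""
    key = ec.generate_private_key(ec.SECP256R1())
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, device_name)])
    return key, _build(name, root_cert.subject, key.public_key(), root_key, days, ca=False)


class Service:
    """Service side: stores the root certificate only, never a device private key."""

    def __init__(self, root_cert):
        self.root_cert = root_cert
        self.pending = set()  # nonces issued but not yet consumed

    def challenge(self):
        """Authentication request: fresh random nonce plus the root certificate."""
        nonce = secrets.token_bytes(32)
        self.pending.add(nonce)
        return nonce, self.root_cert

    def verify(self, nonce, device_cert, signature):
        """Accept only a one-time nonce signed under a cert that chains to our root."""
        if nonce not in self.pending:  # never issued, or already used: replay
            return False
        self.pending.discard(nonce)  # single use, whatever the outcome below
        if device_cert.issuer != self.root_cert.subject:
            return False
        try:
            # root's signature over the device certificate body
            self.root_cert.public_key().verify(
                device_cert.signature, device_cert.tbs_certificate_bytes,
                ec.ECDSA(device_cert.signature_hash_algorithm))
            # device's signature over the nonce, under the key in that certificate
            device_cert.public_key().verify(signature, nonce, ALG)
        except InvalidSignature:
            return False
        not_before, not_after = _validity(device_cert)
        return not_before <= datetime.now(timezone.utc) <= not_after


class Client:
    """WorkSpaces application on the managed device."""

    def __init__(self, device_key, device_cert):
        self.key, self.cert = device_key, device_cert

    def respond(self, nonce, root_cert):
        """Pick the device cert that chains to the presented root and sign the nonce."""
        if self.cert.issuer != root_cert.subject:
            raise LookupError("no device certificate chains to the presented root")
        return self.cert, self.key.sign(nonce, ALG)


def run_login(service, client):
    """One full exchange: challenge, signed response, verification."""
    nonce, root = service.challenge()
    cert, sig = client.respond(nonce, root)
    return service.verify(nonce, cert, sig)
```

The device private key never leaves the client and the service never needs it, which is what makes the stored root public key sufficient; the check that the certificate's issuer matches the root and that the root's signature over it verifies is what stops a certificate from some other CA from being accepted.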
  • 25. Encryption: encrypt Amazon WorkSpaces volumes
    • Data in transit and at rest is encrypted using AES-256-bit encryption
    • Integrates with the AWS Key Management Service (AWS KMS): use your AWS KMS keys to encrypt Amazon WorkSpaces
    • Encrypt up to 30 Amazon WorkSpaces with a single key
    • Can encrypt both root and user volumes
    • No material performance impact
    • Pricing: pay for AWS KMS keys and Amazon WorkSpaces; no additional charge
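An audit check for the two facts on this slide, added as an example and not AWS code: it walks a `DescribeWorkspaces` result (field names as in that API response; the sample records are constructed), reports any WorkSpace whose root or user volume is not encrypted, and reports any KMS key that is shared by more WorkSpaces than the ceiling of 30 the slide states. The `fetch_workspaces` helper shows the boto3 pagination call and is not run here.

```python
"""Audit Amazon WorkSpaces volume encryption and per-key fan-out.

Added example, not AWS code. audit_encryption() works on the Workspaces list
returned by DescribeWorkspaces; SAMPLE_WORKSPACES is constructed and the IDs
and key ARN in it are placeholders.
"""
from collections import defaultdict

MAX_WORKSPACES_PER_KEY = 30  # ceiling stated on the slide

SAMPLE_KEY = "arn:aws:kms:us-west-2:123456789012:key/11111111-1111-1111-1111-111111111111"

# Constructed records in the DescribeWorkspaces response shape.
SAMPLE_WORKSPACES = [
    {"WorkspaceId": "ws-sample00001", "UserName": "alice", "DirectoryId": "d-sample0001",
     "RootVolumeEncryptionEnabled": True, "UserVolumeEncryptionEnabled": True,
     "VolumeEncryptionKey": SAMPLE_KEY},
    {"WorkspaceId": "ws-sample00002", "UserName": "bob", "DirectoryId": "d-sample0001",
     "RootVolumeEncryptionEnabled": False, "UserVolumeEncryptionEnabled": True,
     "VolumeEncryptionKey": SAMPLE_KEY},
    # no encryption fields at all: created without encryption
    {"WorkspaceId": "ws-sample00003", "UserName": "carol", "DirectoryId": "d-sample0001"},
]

VOLUME_FLAGS = (("root", "RootVolumeEncryptionEnabled"),
                ("user", "UserVolumeEncryptionEnabled"))


def audit_encryption(workspaces, max_per_key=MAX_WORKSPACES_PER_KEY):
    """Return findings: unencrypted volumes, then keys shared by too many WorkSpaces."""
    findings = []
    per_key = defaultdict(list)
    for w in workspaces:
        # An absent flag is treated like False: the volume is unencrypted either way.
        missing = [name for name, flag in VOLUME_FLAGS if not w.get(flag)]
        if missing:
            findings.append({"type": "unencrypted-volume", "workspaceId": w["WorkspaceId"],
                             "userName": w.get("UserName"), "volumes": missing})
        if w.get("VolumeEncryptionKey"):
            per_key[w["VolumeEncryptionKey"]].append(w["WorkspaceId"])
    for key, ids in per_key.items():
        if len(ids) > max_per_key:
            findings.append({"type": "key-fanout", "key": key,
                             "count": len(ids), "limit": max_per_key})
    return findings


def fetch_workspaces(region):
    """Pull every WorkSpace in a region (not run here; needs boto3 and credentials)."""
    import boto3  # imported here so the audit itself runs without it
    ws = boto3.client("workspaces", region_name=region)
    pages = ws.get_paginator("describe_workspaces").paginate()
    return [w for page in pages for w in page["Workspaces"]]


if __name__ == "__main__":
    for finding in audit_encryption(SAMPLE_WORKSPACES):
        print(finding)
```

Against the constructed sample it reports two unencrypted-volume findings (bob's root volume, and both of carol's volumes) and no key fan-out; feeding it `fetch_workspaces("us-west-2")` instead turns it into the periodic check a regulated tenant would schedule.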
  • 26. Partner solutions
    • Authentication portals
    • Multi-factor authentication
    • Endpoint inspection
    • Anti-virus protection
    • Network inspection
    • Web proxy