Amazon Web Services LATAM, profile picture
Uploaded byAmazon Web Services LATAM
PDF, PPTX1,456 views

AWS - Security & Compliance

The document outlines the security and compliance features of Amazon Web Services (AWS), emphasizing the importance of customer-driven security models and the capabilities offered to businesses for secure cloud operations. It details various AWS services and tools that ensure privacy, data protection, and compliance with security standards. The document also highlights examples of organizations successfully leveraging AWS for enhanced security and operational efficiency.

Embed presentation

Download as PDF, PPTX
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Leandro Bennaton LATAM Compliance Strategist March 2018 AWS – Security & Compliance
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Familiar Security Model Validated and driven by customers’ security experts Benefits all customers PEOPLE & PROCESS SYSTEM NETWORK PHYSICAL AWS Security is Job Zero
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. “CIOs and CISOs need to stop obsessing over unsubstantiated cloud security worries, and instead apply their imagination and energy to developing new approaches to cloud control, allowing them to securely, compliantly, and reliably leverage the benefits of this increasingly ubiquitous computing model.” Source: Clouds Are Secure: Are You Using Them Securely?
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. 18 Regions – 53 Availability Zones – +101 Edge Locations AWS Global Infrastructure Worldwide Global Standardization
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. 18 Regions – 53 Availability Zones – +101 Edge Locations AWS Global Infrastructure Availability Zone A Availability Zone B Availability Zone C AZ DataCenter 1 DataCenter 2 DataCenter n
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Freedom of choice Compute Microsoft Windows Server 2016, 2012, 2008, and 2003 Red Hat Enterprise Linux Amazon Linux SUSE Linux Ubuntu Database Microsoft SQL Server Oracle Amazon Aurora PostgreSQL MySQL MariaDB Amazon DynamoDB
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Your Datacenter Fully Featured Compute Resource & Deployment Management Common Controls for Security & Access Integrated Networking Data Integration & Life Cycle Management Flexible hybrid options AWS Different forms of implementation Amazon Web Services
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Different forms of implementation Your Datacenter Amazon Web Services Comcast’s IT strategy focuses on combining its own data centers and AWS as the cornerstone of its next-generation TV service, X1. This has allowed them to rapidly scale interactive, on-demand content to millions of viewers. Data Integration Network Integration Integrated Identity & Access Resource & Deployment Management Devices & Edge Systems
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Compliance
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Automate with deeply integrated security services Inherit global security and compliance controls Highest standards for privacy and data security Largest network of security partners and solutions Scale with superior visibility and control Move to AWS Strengthen your security posture
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Identity & Access Management (IAM) AWS Organizations AWS Cognito AWS Directory Service AWS Single Sign-On AWS CloudTrail AWS Config Amazon CloudWatch Amazon GuardDuty VPC Flow Logs Amazon EC2 Systems Manager AWS Shield AWS Web Application Firewall (WAF) Amazon Inspector Amazon Virtual Private Cloud (VPC) AWS Key Management Service (KMS) AWS CloudHSM Amazon Macie Certificate Manager Server Side Encryption AWS Config Rules AWS Lambda Identity Detective control Infrastructure security Incident response Data protection AWS security solutions
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. You are in control of privacy You retain full ownership and control of your content § Choose the AWS Sao Paulo Region and AWS will not replicate it elsewhere unless you choose to do so. § Control format, accuracy, and encryption any way that you choose. § Control who can access content. § Control content lifecycle and disposal.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Encryption Data at Transit and Rest EBS Volume Encryption EBS Encryption Filesystem Tools AWS Marketplace/Partner Object Encryption S3 Server Side Encryption (SSE) S3 SSE w/ Customer Provided Keys Client-Side Encryption Database Encryption Redshift Encryption RDS PostgreSQL KMS RDS MYSQL KMS RDS ORACLE TDE/HSM RDS MSSQL TDE AWS Whitepaper Securing Data at Rest with Encryption End-to-end SSL/TLS
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Control access and segregate duties everywhere You get to control who can do what in your AWS environment when and from where Fine-grained control of your AWS cloud with multi-factor authentication Integrate with an existing Active Directory using federation and single sign-on
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Infrastructure security Logging & monitoring Identity & access control Configuration & vulnerability analysis Data protection Largest ecosystem of security partners and solutions Infrastructure security
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security engineering Governance, risk & compliance Security operations & automation Consulting competency partners with demonstrated expertise Security engineering
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ORMove fast Stay secure Before…
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. ORANDMove fast Stay secure Now…
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Scale with visibility and control
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS – Capital One DEVOPS https://developer.capitalone.com/opensource-projects/cloud-custodian/
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. “I have come to realize that as a relatively small organization, we can be far more secure in the cloud and achieve a higher level of assurance at a much lower cost, in terms of effort and dollars invested. We determined that security in AWS is superior to our on-premises data center across several dimensions, including patching, encryption, auditing and logging, entitlements, and compliance.” • Looks for fraud, abuse, and insider trading over nearly 6 billion shares traded in U.S. equities markets every day • Processes approximately 6 terabytes of data and 37 billion records on an average day • Went from 3–4 weeks for server hardening to 3–4 minutes • DevOps teams focus on automation and tools to raise the compliance bar and simplify controls • Achieved incredible levels of assurance for consistencies of builds and patching via rebooting with automated deployment scripts —John Brady, CISO FINRA Financial industry regulatory authority
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Reference architecture https://aws.amazon.com/architecture/
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. https://example.com AWS Edge Locations AWS WAF Amazon Route 53 Amazon CloudFront AWS Shield Advanced CloudTrail us-east-1a us-east-1bProxies NAT RDS DB DMZSubnet PrivateSubnet PrivateSubnet Proxies Bastion RDS DB AWS Config CloudWatch Alarms Archive Logs Bucket S3 Lifecycle Policies to Glacier PrivateSubnet PrivateSubnet AWS Account Virtual Private Cloud (VPC) Cyber Security Well-Architected via a NIST High Quick Start High availability with multi-AZ deployments - fault tolerance solution Failover occurs automatically in response to the most important failure scenarios
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Capacitación de Seguridad https://aws.amazon.com/es/training/ Reglas básicas de seguridad de AWS (curso gratuito – 4 horas)
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Worldwide | N. America | LATAM | UK/IR | EMEA | APAC | Japan | China Leandro Bennaton LATAM Compliance Strategist bennaton@amazon.com

More Related Content

PPTX
Project Organizations Line-of- business organizations
byMOHANAROOPA5
 
PPT
SE CHAPTER 2 PROCESS MODELS
byAbrar ali
 
PDF
Long live to CMAN!
byLudovico Caldara
 
PPT
SQL Server Profiler & Performance Monitor - SarabPreet Singh
byRishu Mehra
 
PDF
Nabil Nawaz Oracle Oracle 12c Data Guard Deep Dive Presentation
byNabil Nawaz
 
PDF
Audio Drivers
byAnil Kumar Pugalia
 
PPTX
System components (os)
bysnegacmr
 
PPTX
System calls
byBernard Senam
 
Project Organizations Line-of- business organizations
byMOHANAROOPA5
 
SE CHAPTER 2 PROCESS MODELS
byAbrar ali
 
Long live to CMAN!
byLudovico Caldara
 
SQL Server Profiler & Performance Monitor - SarabPreet Singh
byRishu Mehra
 
Nabil Nawaz Oracle Oracle 12c Data Guard Deep Dive Presentation
byNabil Nawaz
 
Audio Drivers
byAnil Kumar Pugalia
 
System components (os)
bysnegacmr
 
System calls
byBernard Senam
 

What's hot

PPTX
Azure SQL Database
byPalash Debnath
 
PPTX
Types of Drivers in JDBC
byHemant Sharma
 
PPTX
Kheirkhabarov24052017_phdays7
byTeymur Kheirkhabarov
 
PDF
4.LanguageProcessors and language Processing Activities.pdf
bySwapnaliPawar27
 
PPTX
SQL Server Database Backup and Restore Plan
byHamid J. Fard
 
PDF
CPU Scheduling
byChristalin Nelson
 
PPT
Memory Management in OS
byvampugani
 
PDF
Oracle RAC 19c: Best Practices and Secret Internals
byAnil Nair
 
PPTX
Assembly language programming
byhimhk
 
PDF
Enable oracle database vault
byOsama Mustafa
 
DOCX
Obia11.1.1.10.1 installation and configuration on Unix platform
bySheikh Zakirulla
 
PPTX
Oracle ASM Training
byVigilant Technologies
 
PDF
OOW16 - Technical Upgrade Best Practices for Oracle E-Business Suite 12.2 [CO...
byvasuballa
 
PPTX
CPU Scheduling in OS Presentation
byusmankiyani1
 
PDF
Solaris basics
byAshwin Pawar
 
PDF
Inside the Mac OS X Kernel
byOpenSlidesArchive
 
PDF
Character Drivers
byAnil Kumar Pugalia
 
PPT
OS Structure
byAjay Singh Rana
 
PPTX
Software Project Management - Staffing
byTanishqRongta1
 
PDF
Step by Step Restore rman to different host
byOsama Mustafa
 
Azure SQL Database
byPalash Debnath
 
Types of Drivers in JDBC
byHemant Sharma
 
Kheirkhabarov24052017_phdays7
byTeymur Kheirkhabarov
 
4.LanguageProcessors and language Processing Activities.pdf
bySwapnaliPawar27
 
SQL Server Database Backup and Restore Plan
byHamid J. Fard
 
CPU Scheduling
byChristalin Nelson
 
Memory Management in OS
byvampugani
 
Oracle RAC 19c: Best Practices and Secret Internals
byAnil Nair
 
Assembly language programming
byhimhk
 
Enable oracle database vault
byOsama Mustafa
 
Obia11.1.1.10.1 installation and configuration on Unix platform
bySheikh Zakirulla
 
Oracle ASM Training
byVigilant Technologies
 
OOW16 - Technical Upgrade Best Practices for Oracle E-Business Suite 12.2 [CO...
byvasuballa
 
CPU Scheduling in OS Presentation
byusmankiyani1
 
Solaris basics
byAshwin Pawar
 
Inside the Mac OS X Kernel
byOpenSlidesArchive
 
Character Drivers
byAnil Kumar Pugalia
 
OS Structure
byAjay Singh Rana
 
Software Project Management - Staffing
byTanishqRongta1
 
Step by Step Restore rman to different host
byOsama Mustafa
 

Similar to AWS - Security & Compliance

PDF
The AWS Shared Responsibility Model in Practice
byAlert Logic
 
PDF
The AWS Shared Responsibility Model in Practice
byAlert Logic
 
PDF
AWS - Security & Compliance
byAmazon Web Services LATAM
 
PPTX
Pitt Immersion Day Module 5 - security overview
byEagleDream Technologies
 
PDF
The AWS Shared Responsibility Model: Presented by Amazon Web Services
byAlert Logic
 
PPTX
CSS 17: NYC - The AWS Shared Responsibility Model in Practice
byAlert Logic
 
PPTX
Blue Chip Tek Connect and Protect Presentation #3
byKimberly Macias
 
PDF
Oas un llamado a la accion para proteger a ciudadanos-Sector Privado y Gobi...
byMarcela Cárdenas Hidalgo
 
PDF
Oas un llamado a la accion
byMarcela Cárdenas Hidalgo
 
PDF
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
byVladimir Simek
 
PDF
20180514 _aws data-security_aws.compressed
bySekretariat3A
 
PDF
Securing Your Customers Data From Day One
byAmazon Web Services LATAM
 
PDF
AWS STARTUP DAY 2018 I Securing Your Customer Data From Day One
byAWS Germany
 
PPTX
Deep dive - AWS security by design
byRichard Harvey
 
PDF
AWS Finland User Group Meetup 2017-05-23
byRolf Koski
 
PDF
AWS Enterprise Summit - 클라우드에서의 보안 - 양승도
byAmazon Web Services Korea
 
PDF
Datensicherheit mit AWS - AWS Security Web Day
byAWS Germany
 
PDF
Security and Compliance Better on AWS_John Hildebrandt
byHelen Rogers
 
PDF
Innovation at Scale - Top 10 AWS questions when you start
byShiva Narayanaswamy
 
PPTX
Building Bulletproof Infrastructure on AWS
by2nd Watch
 
The AWS Shared Responsibility Model in Practice
byAlert Logic
 
The AWS Shared Responsibility Model in Practice
byAlert Logic
 
AWS - Security & Compliance
byAmazon Web Services LATAM
 
Pitt Immersion Day Module 5 - security overview
byEagleDream Technologies
 
The AWS Shared Responsibility Model: Presented by Amazon Web Services
byAlert Logic
 
CSS 17: NYC - The AWS Shared Responsibility Model in Practice
byAlert Logic
 
Blue Chip Tek Connect and Protect Presentation #3
byKimberly Macias
 
Oas un llamado a la accion para proteger a ciudadanos-Sector Privado y Gobi...
byMarcela Cárdenas Hidalgo
 
Oas un llamado a la accion
byMarcela Cárdenas Hidalgo
 
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
byVladimir Simek
 
20180514 _aws data-security_aws.compressed
bySekretariat3A
 
Securing Your Customers Data From Day One
byAmazon Web Services LATAM
 
AWS STARTUP DAY 2018 I Securing Your Customer Data From Day One
byAWS Germany
 
Deep dive - AWS security by design
byRichard Harvey
 
AWS Finland User Group Meetup 2017-05-23
byRolf Koski
 
AWS Enterprise Summit - 클라우드에서의 보안 - 양승도
byAmazon Web Services Korea
 
Datensicherheit mit AWS - AWS Security Web Day
byAWS Germany
 
Security and Compliance Better on AWS_John Hildebrandt
byHelen Rogers
 
Innovation at Scale - Top 10 AWS questions when you start
byShiva Narayanaswamy
 
Building Bulletproof Infrastructure on AWS
by2nd Watch
 

More from Amazon Web Services LATAM

PPTX
Ransomware: cómo recuperar sus datos en la nube de AWS
byAmazon Web Services LATAM
 
PPTX
Ransomware: Estratégias de Mitigação
byAmazon Web Services LATAM
 
PPTX
Ransomware: Estratégias de Mitigación
byAmazon Web Services LATAM
 
PPTX
Aprenda como migrar e transferir dados ao utilizar a nuvem da AWS
byAmazon Web Services LATAM
 
PPTX
Aprenda a migrar y transferir datos al usar la nube de AWS
byAmazon Web Services LATAM
 
PPTX
AWS para terceiro setor - Sessão 1 - Introdução à nuvem
byAmazon Web Services LATAM
 
PPTX
AWS para terceiro setor - Sessão 1 - Introdução à nuvem
byAmazon Web Services LATAM
 
PPTX
Simplifique su BI con AWS
byAmazon Web Services LATAM
 
PPTX
AWS para terceiro setor - Sessão 3 - Protegendo seus dados.
byAmazon Web Services LATAM
 
PPTX
AWS para terceiro setor - Sessão 3 - Protegendo seus dados.
byAmazon Web Services LATAM
 
PPTX
Automatice el proceso de entrega con CI/CD en AWS
byAmazon Web Services LATAM
 
PPTX
Simplifique o seu BI com a AWS
byAmazon Web Services LATAM
 
PPTX
Automatize seu processo de entrega de software com CI/CD na AWS
byAmazon Web Services LATAM
 
PPTX
Cómo empezar con Amazon EKS
byAmazon Web Services LATAM
 
PPTX
Ransomware: como recuperar os seus dados na nuvem AWS
byAmazon Web Services LATAM
 
PPTX
Os benefícios de migrar seus workloads de Big Data para a AWS
byAmazon Web Services LATAM
 
PPTX
Como começar com Amazon EKS
byAmazon Web Services LATAM
 
PPTX
Cómo mover a un almacenamiento de archivos administrados
byAmazon Web Services LATAM
 
PPTX
AWS para terceiro setor - Sessão 2 - Armazenamento e Backup
byAmazon Web Services LATAM
 
PPTX
AWS para terceiro setor - Sessão 2 - Armazenamento e Backup
byAmazon Web Services LATAM
 
Ransomware: cómo recuperar sus datos en la nube de AWS
byAmazon Web Services LATAM
 
Ransomware: Estratégias de Mitigação
byAmazon Web Services LATAM
 
Ransomware: Estratégias de Mitigación
byAmazon Web Services LATAM
 
Aprenda como migrar e transferir dados ao utilizar a nuvem da AWS
byAmazon Web Services LATAM
 
Aprenda a migrar y transferir datos al usar la nube de AWS
byAmazon Web Services LATAM
 
AWS para terceiro setor - Sessão 1 - Introdução à nuvem
byAmazon Web Services LATAM
 
AWS para terceiro setor - Sessão 1 - Introdução à nuvem
byAmazon Web Services LATAM
 
Simplifique su BI con AWS
byAmazon Web Services LATAM
 
AWS para terceiro setor - Sessão 3 - Protegendo seus dados.
byAmazon Web Services LATAM
 
AWS para terceiro setor - Sessão 3 - Protegendo seus dados.
byAmazon Web Services LATAM
 
Automatice el proceso de entrega con CI/CD en AWS
byAmazon Web Services LATAM
 
Simplifique o seu BI com a AWS
byAmazon Web Services LATAM
 
Automatize seu processo de entrega de software com CI/CD na AWS
byAmazon Web Services LATAM
 
Cómo empezar con Amazon EKS
byAmazon Web Services LATAM
 
Ransomware: como recuperar os seus dados na nuvem AWS
byAmazon Web Services LATAM
 
Os benefícios de migrar seus workloads de Big Data para a AWS
byAmazon Web Services LATAM
 
Como começar com Amazon EKS
byAmazon Web Services LATAM
 
Cómo mover a un almacenamiento de archivos administrados
byAmazon Web Services LATAM
 
AWS para terceiro setor - Sessão 2 - Armazenamento e Backup
byAmazon Web Services LATAM
 
AWS para terceiro setor - Sessão 2 - Armazenamento e Backup
byAmazon Web Services LATAM
 

Recently uploaded

PPTX
Coded Agents – with UiPath SDK + LlamaIndex.pptx
bysuhanisingh58689
 
PPTX
A CIO’s Guide to Salesforce AI Architecture, Governance, and Implementation R...
byKerry Millar
 
PDF
Why Are Cloud Migration Services Essential for Modern Business Growth?
byGeoPITS Global Pvt Ltd
 
PPTX
Fortify Your Digital Defenses with ServiceNow Security Operations by Suma Soft
byGavin Ellis
 
PPTX
Spacewalk 2026 - Presented at the IMAX in Raleigh, NC
byAll Things Open
 
PPTX
Microsoft Azure News - January 2026 - BAUG
byDaniel Toomey
 
PDF
How Automation Powers Data Quality and Governance at Scale
bySafe Software
 
PDF
Teaching Robots how to Read 1/2: AI Center & Classic Document Understanding (...
byanabulhac
 
PDF
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
PPTX
Apache Kafka 101 for Techies in IT dep.pptx
byamulyareddyk97
 
PDF
Français Patch Tuesday - Janvier
byIvanti
 
PDF
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
PDF
MINDCTI Revenue Release Quarter 3 2025 - Financial Presentation
byMIND CTI
 
PPTX
Mastering SQL Server Replication: Types, Setup & Troubleshooting
byGeoPITS Global Pvt Ltd
 
PDF
Laravel Up Running, 3rd Edition A Framework for Building Modern PHP Apps (Mat...
byNEXACORE
 
PDF
Adding Copilot+ PCs with Snapdragon to your HP fleet won’t require IT deploym...
byPrincipled Technologies
 
PPTX
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 
PDF
TopMate ES11 3-Wheel Electric Scooter: Comfort, Stability, and Independence f...
byTopmate
 
PDF
TopMate ES32 Electric Trike: A Smart Mobility Solution for Comfortable Everyd...
byTopmate
 
PDF
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
Coded Agents – with UiPath SDK + LlamaIndex.pptx
bysuhanisingh58689
 
A CIO’s Guide to Salesforce AI Architecture, Governance, and Implementation R...
byKerry Millar
 
Why Are Cloud Migration Services Essential for Modern Business Growth?
byGeoPITS Global Pvt Ltd
 
Fortify Your Digital Defenses with ServiceNow Security Operations by Suma Soft
byGavin Ellis
 
Spacewalk 2026 - Presented at the IMAX in Raleigh, NC
byAll Things Open
 
Microsoft Azure News - January 2026 - BAUG
byDaniel Toomey
 
How Automation Powers Data Quality and Governance at Scale
bySafe Software
 
Teaching Robots how to Read 1/2: AI Center & Classic Document Understanding (...
byanabulhac
 
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
Apache Kafka 101 for Techies in IT dep.pptx
byamulyareddyk97
 
Français Patch Tuesday - Janvier
byIvanti
 
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
MINDCTI Revenue Release Quarter 3 2025 - Financial Presentation
byMIND CTI
 
Mastering SQL Server Replication: Types, Setup & Troubleshooting
byGeoPITS Global Pvt Ltd
 
Laravel Up Running, 3rd Edition A Framework for Building Modern PHP Apps (Mat...
byNEXACORE
 
Adding Copilot+ PCs with Snapdragon to your HP fleet won’t require IT deploym...
byPrincipled Technologies
 
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 
TopMate ES11 3-Wheel Electric Scooter: Comfort, Stability, and Independence f...
byTopmate
 
TopMate ES32 Electric Trike: A Smart Mobility Solution for Comfortable Everyd...
byTopmate
 
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 

AWS - Security & Compliance

  • 1.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. Leandro Bennaton LATAM Compliance Strategist March 2018 AWS – Security & Compliance
  • 2.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. Familiar Security Model Validated and driven by customers’ security experts Benefits all customers PEOPLE & PROCESS SYSTEM NETWORK PHYSICAL AWS Security is Job Zero
  • 3.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. “CIOs and CISOs need to stop obsessing over unsubstantiated cloud security worries, and instead apply their imagination and energy to developing new approaches to cloud control, allowing them to securely, compliantly, and reliably leverage the benefits of this increasingly ubiquitous computing model.” Source: Clouds Are Secure: Are You Using Them Securely?
  • 4.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. 18 Regions – 53 Availability Zones – +101 Edge Locations AWS Global Infrastructure Worldwide Global Standardization
  • 5.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. 18 Regions – 53 Availability Zones – +101 Edge Locations AWS Global Infrastructure Availability Zone A Availability Zone B Availability Zone C AZ DataCenter 1 DataCenter 2 DataCenter n
  • 6.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. AWS Freedom of choice Compute Microsoft Windows Server 2016, 2012, 2008, and 2003 Red Hat Enterprise Linux Amazon Linux SUSE Linux Ubuntu Database Microsoft SQL Server Oracle Amazon Aurora PostgreSQL MySQL MariaDB Amazon DynamoDB
  • 7.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. Your Datacenter Fully Featured Compute Resource & Deployment Management Common Controls for Security & Access Integrated Networking Data Integration & Life Cycle Management Flexible hybrid options AWS Different forms of implementation Amazon Web Services
  • 8.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. AWS Different forms of implementation Your Datacenter Amazon Web Services Comcast’s IT strategy focuses on combining its own data centers and AWS as the cornerstone of its next-generation TV service, X1. This has allowed them to rapidly scale interactive, on-demand content to millions of viewers. Data Integration Network Integration Integrated Identity & Access Resource & Deployment Management Devices & Edge Systems
  • 9.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. AWS Compliance
  • 10.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. Automate with deeply integrated security services Inherit global security and compliance controls Highest standards for privacy and data security Largest network of security partners and solutions Scale with superior visibility and control Move to AWS Strengthen your security posture
  • 11.
    © 2017, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. AWS Identity & Access Management (IAM) AWS Organizations AWS Cognito AWS Directory Service AWS Single Sign-On AWS CloudTrail AWS Config Amazon CloudWatch Amazon GuardDuty VPC Flow Logs Amazon EC2 Systems Manager AWS Shield AWS Web Application Firewall (WAF) Amazon Inspector Amazon Virtual Private Cloud (VPC) AWS Key Management Service (KMS) AWS CloudHSM Amazon Macie Certificate Manager Server Side Encryption AWS Config Rules AWS Lambda Identity Detective control Infrastructure security Incident response Data protection AWS security solutions
  • 12.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. You are in control of privacy You retain full ownership and control of your content § Choose the AWS Sao Paulo Region and AWS will not replicate it elsewhere unless you choose to do so. § Control format, accuracy, and encryption any way that you choose. § Control who can access content. § Control content lifecycle and disposal.
  • 13.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. Encryption Data at Transit and Rest EBS Volume Encryption EBS Encryption Filesystem Tools AWS Marketplace/Partner Object Encryption S3 Server Side Encryption (SSE) S3 SSE w/ Customer Provided Keys Client-Side Encryption Database Encryption Redshift Encryption RDS PostgreSQL KMS RDS MYSQL KMS RDS ORACLE TDE/HSM RDS MSSQL TDE AWS Whitepaper Securing Data at Rest with Encryption End-to-end SSL/TLS
  • 14.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. Control access and segregate duties everywhere You get to control who can do what in your AWS environment when and from where Fine-grained control of your AWS cloud with multi-factor authentication Integrate with an existing Active Directory using federation and single sign-on
  • 15.
    © 2017, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. Infrastructure security Logging & monitoring Identity & access control Configuration & vulnerability analysis Data protection Largest ecosystem of security partners and solutions Infrastructure security
  • 16.
    © 2017, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. Security engineering Governance, risk & compliance Security operations & automation Consulting competency partners with demonstrated expertise Security engineering
  • 17.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. ORMove fast Stay secure Before…
  • 18.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. ORANDMove fast Stay secure Now…
  • 19.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. Scale with visibility and control
  • 20.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. AWS – Capital One DEVOPS https://developer.capitalone.com/opensource-projects/cloud-custodian/
  • 21.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. “I have come to realize that as a relatively small organization, we can be far more secure in the cloud and achieve a higher level of assurance at a much lower cost, in terms of effort and dollars invested. We determined that security in AWS is superior to our on-premises data center across several dimensions, including patching, encryption, auditing and logging, entitlements, and compliance.” • Looks for fraud, abuse, and insider trading over nearly 6 billion shares traded in U.S. equities markets every day • Processes approximately 6 terabytes of data and 37 billion records on an average day • Went from 3–4 weeks for server hardening to 3–4 minutes • DevOps teams focus on automation and tools to raise the compliance bar and simplify controls • Achieved incredible levels of assurance for consistencies of builds and patching via rebooting with automated deployment scripts —John Brady, CISO FINRA Financial industry regulatory authority
  • 22.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. AWS Reference architecture https://aws.amazon.com/architecture/
  • 23.
    © 2017, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. https://example.com AWS Edge Locations AWS WAF Amazon Route 53 Amazon CloudFront AWS Shield Advanced CloudTrail us-east-1a us-east-1bProxies NAT RDS DB DMZSubnet PrivateSubnet PrivateSubnet Proxies Bastion RDS DB AWS Config CloudWatch Alarms Archive Logs Bucket S3 Lifecycle Policies to Glacier PrivateSubnet PrivateSubnet AWS Account Virtual Private Cloud (VPC) Cyber Security Well-Architected via a NIST High Quick Start High availability with multi-AZ deployments - fault tolerance solution Failover occurs automatically in response to the most important failure scenarios
  • 24.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. AWS Capacitación de Seguridad https://aws.amazon.com/es/training/ Reglas básicas de seguridad de AWS (curso gratuito – 4 horas)
  • 25.
    © 2018, AmazonWeb Services, Inc. or its Affiliates. All rights reserved. Worldwide | N. America | LATAM | UK/IR | EMEA | APAC | Japan | China Leandro Bennaton LATAM Compliance Strategist bennaton@amazon.com