SlideShare a Scribd company logo

How Federal Home Loan Bank of Chicago Maintains Control in the Cloud (ENT207) | AWS re:Invent 2013

Amazon Web Services
Amazon Web Services

This document summarizes the key steps taken by the Federal Home Loan Bank of Chicago in moving infrastructure to AWS cloud services. It outlines communicating the transition within the organization, conducting a proof of concept to test services, evaluating AWS controls using their framework, considering costs beyond just compute hours, implementing infrastructure and security monitoring, and developing disaster recovery plans. The overall message is that due diligence across these areas is necessary to successfully adopt cloud services while maintaining control.

TechnologyEconomy & Finance
1 of 14
Download to read offline
How Federal Home Loan Bank of Chicago Maintains Control in the Cloud Eric Geiger, Federal Home Loan Bank of Chicago © 2013 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
Federal Home Loan Banks • Created by Congress in 1932 • Each is a cooperative owned by members in its district • Members include banks, thrifts, credit unions, insurance companies, and housing finance institutions • As of September 30, 2013, almost 7,500 members in the FHLBank System • Each FHLBank is registered with the SEC • Each FHLBank is governed by a separate board of directors, but regulated by a single regulator, Federal Housing Finance Agency
Why Did FHLBC Start Using AWS • Exploring infrastructure options – – – Faster server provisioning Required options and flexibility to replace existing hardware Wanted to reduce hardware expense • What brought us to Amazon – – – – Leader in the space Vast array of options Easy entry into the services Quickly observable results • Our initial concerns – – – Security Performance Reliability/durability/availability
Due Diligence is Key Communicate Before Proof of Concept Framework Cost Security After Monitoring Disaster Planning CONTINUOUS
Communicate with Your Organization • We had many preconceived notions – – • Amazon is just a bookstore, isn’t it? The “cloud” isn’t secure! Get educated – Read the whitepapers • • • • – Review the AWS security and compliance sites • • • • • http://aws.amazon.com/whitepapers “Overview of Amazon Web Services” “AWS Risk and Compliance” whitepaper “Auditing Security Checklist for Use of AWS” http://aws.amazon.com/security http://aws.amazon.com/compliance This is more than simply moving infrastructure Is there guidance from governance bodies Ensure business buy-in early
Try a Small POC • Level set your expectations • What are you planning to use AWS for – Only web services – Core infrastructure – Data and database services • Explore the service options • Important basics to consider – Pick a region/zone that’s close – Set up a VPC – Test your network connectivity and see if it’s sufficient
Evaluate with a Framework • AWS has many certifications and accreditations: HIPPA, SOC 1, SOC 2, SOC 3, PCI, ISO 27001, FISMA, FedRAMP, ITAR, FIPS 140-2 • How do the certifications pertain to you? – – Certification need to be mapped back to your own compliance and control framework The bank used the Cloud Security Alliance framework as our starting point • https://cloudsecurityalliance.org/ • Time-consuming process to map associations – – Will draw attention to areas your own control framework needs revision Should be done by multiple areas in your organization • • • IT security IT operations Internal audit
Aligning Your Framework to AWS Our example using the Security Guidance for Critical Areas of Focus in Cloud Computing • Alignment with Industry Control Frameworks Architectural Relevance Team Comments Internal Risk Rating Alignment of AWS with Internal Controls Internal Controls
Consider All of Your Costs • • • We definitely saw a reduction in expense The cost equation is not simply instances*hours*price Your AWS instance usage needs monitoring – – – • You still need to support your AWS infrastructure – • Standard infrastructure jobs still apply: provisioning, patching, software installs, backups, anti-virus and tools Moving can generate new workloads for additional costs – • Elastic provisioning makes it easy to generate instance creep increasing cost Reserved might be cheaper over time On-demand instances need to be reviewed regularly for conversion to reserved Managing client side IDS and firewalls Useful considerations – – – Auto start/stop can save considerable money Amazon CloudWatch can be configured to report on spending thresholds AWS Trusted Advisor can find significant cost savings based on usage stats
Infrastructure Monitoring • CloudWatch is your first resource – Pay for “Detailed Monitoring” – Set up CloudWatch alarms on basic thresholds: CPU, network, disk usage, spend • Monitor your events – Watch for unexpected instance reboots and maintenance – Use the AWS API to automate event monitor when possible • Expand CloudWatch with your existing third-party monitoring – CloudWatch will not replace your existing tool set – You can run your agents on the AWS instances • Can allow you to recycle existing scripts and code • Monitor OS-level activity, events, services, logs, etc
Security Monitoring • • AWS security works best when you are building apps to leverage AWS services AWS has some limitations for traditional security monitoring – – – • Limited Inspection and auditing of your traffic Limited traditional integration with third-party vendor products Better (targeted) service offerings to support “traditional” application environments You can do some things to mitigate certain limitations – Always use VPCs when possible to help control traffic • – – – • Separate dev/test, prod and Internet apps to their own VPCs Consider host-based firewalls and IDS All traffic flows through your traditional data center when possible Terminate AWS Direct Connect at firewalls to assist with traffic inspection Locked-down AWS console – – – Multifactor authentication Permission restrictions Limited access
Disaster Planning • Consider your real uptime need – Amazon SLA is 99.95% availability for EC2 infrastructure each month – That’s 3.6 hours per month of downtime • Your zone will be degraded • Quick recovery and redundancy can be architected – Create an AMI (Amazon machine image) of your working, patched server on a regular basis – Take snapshots of your instances on a regular basis – Use Amazon S3 service to keep images and snapshots available in multiple regions and zones
Thank You • Questions?
Please give us your feedback on this presentation ENT207 As a thank you, we will select prize winners daily for completed surveys!

Recommended

Build Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSBuild Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSLahav Savir
 
Your First Hour on AWS: Building the Foundation for Large Scale AWS Adoption
Your First Hour on AWS: Building the Foundation for Large Scale AWS AdoptionYour First Hour on AWS: Building the Foundation for Large Scale AWS Adoption
Your First Hour on AWS: Building the Foundation for Large Scale AWS AdoptionAmazon Web Services
 
Hybrid cloud monitoring - Mumbai seminar
Hybrid cloud monitoring - Mumbai seminarHybrid cloud monitoring - Mumbai seminar
Hybrid cloud monitoring - Mumbai seminarManageEngine, Zoho Corporation
 
Optimize application performance - Mumbai Seminar
Optimize application performance - Mumbai Seminar Optimize application performance - Mumbai Seminar
Optimize application performance - Mumbai Seminar ManageEngine, Zoho Corporation
 
Network Bandwidth management - Mumbai Seminar
Network Bandwidth management - Mumbai SeminarNetwork Bandwidth management - Mumbai Seminar
Network Bandwidth management - Mumbai SeminarManageEngine, Zoho Corporation
 
Democratizing Insecurity: Bringing security weaknesses to the tech masses, by...
Democratizing Insecurity: Bringing security weaknesses to the tech masses, by...Democratizing Insecurity: Bringing security weaknesses to the tech masses, by...
Democratizing Insecurity: Bringing security weaknesses to the tech masses, by...APNIC
 
Applications Performance Monitoring with Applications Manager part 1
Applications Performance Monitoring with Applications Manager part 1Applications Performance Monitoring with Applications Manager part 1
Applications Performance Monitoring with Applications Manager part 1ManageEngine, Zoho Corporation
 
DevOps sensors 360° high availability in the cloud
DevOps sensors 360° high availability in the cloudDevOps sensors 360° high availability in the cloud
DevOps sensors 360° high availability in the cloudLahav Savir
 

Recommended

Build Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSBuild Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSLahav Savir
 
Your First Hour on AWS: Building the Foundation for Large Scale AWS Adoption
Your First Hour on AWS: Building the Foundation for Large Scale AWS AdoptionYour First Hour on AWS: Building the Foundation for Large Scale AWS Adoption
Your First Hour on AWS: Building the Foundation for Large Scale AWS AdoptionAmazon Web Services
 
Hybrid cloud monitoring - Mumbai seminar
Hybrid cloud monitoring - Mumbai seminarHybrid cloud monitoring - Mumbai seminar
Hybrid cloud monitoring - Mumbai seminarManageEngine, Zoho Corporation
 
Optimize application performance - Mumbai Seminar
Optimize application performance - Mumbai Seminar Optimize application performance - Mumbai Seminar
Optimize application performance - Mumbai Seminar ManageEngine, Zoho Corporation
 
Network Bandwidth management - Mumbai Seminar
Network Bandwidth management - Mumbai SeminarNetwork Bandwidth management - Mumbai Seminar
Network Bandwidth management - Mumbai SeminarManageEngine, Zoho Corporation
 
Democratizing Insecurity: Bringing security weaknesses to the tech masses, by...
Democratizing Insecurity: Bringing security weaknesses to the tech masses, by...Democratizing Insecurity: Bringing security weaknesses to the tech masses, by...
Democratizing Insecurity: Bringing security weaknesses to the tech masses, by...APNIC
 
Applications Performance Monitoring with Applications Manager part 1
Applications Performance Monitoring with Applications Manager part 1Applications Performance Monitoring with Applications Manager part 1
Applications Performance Monitoring with Applications Manager part 1ManageEngine, Zoho Corporation
 
DevOps sensors 360° high availability in the cloud
DevOps sensors 360° high availability in the cloudDevOps sensors 360° high availability in the cloud
DevOps sensors 360° high availability in the cloudLahav Savir
 
Jsm computer solutions
Jsm computer solutionsJsm computer solutions
Jsm computer solutionsJason Mast
 
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solution
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solutionAlgosec 5 more_things_you_can_do_with_a_security_policy_management_solution
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solutionMaytal Levi
 
Server and application monitoring webinars [Applications Manager] - Part 2
Server and application monitoring webinars [Applications Manager] - Part 2Server and application monitoring webinars [Applications Manager] - Part 2
Server and application monitoring webinars [Applications Manager] - Part 2ManageEngine, Zoho Corporation
 
Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...
Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...
Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...Amazon Web Services
 
AlgoSec Application Migration Webinar
AlgoSec Application Migration WebinarAlgoSec Application Migration Webinar
AlgoSec Application Migration WebinarMaytal Levi
 
AWS security monitoring and compliance validation from Adobe.
AWS security monitoring and compliance validation from Adobe.AWS security monitoring and compliance validation from Adobe.
AWS security monitoring and compliance validation from Adobe.Splunk
 
Migrating Application Connectivity and Network Security to AWS
Migrating Application Connectivity and Network Security to AWSMigrating Application Connectivity and Network Security to AWS
Migrating Application Connectivity and Network Security to AWSAlgoSec
 
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...Alibaba Cloud
 
Introduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityIntroduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityAlibaba Cloud
 
Putting the Sec into DevOps
Putting the Sec into DevOpsPutting the Sec into DevOps
Putting the Sec into DevOpsMaytal Levi
 
Siebel Monitoring Tools
Siebel Monitoring ToolsSiebel Monitoring Tools
Siebel Monitoring ToolsAlceu Rodrigues de Freitas Junior
 
Enterprise Beacon Object Hive - Siebel Version Control
Enterprise Beacon Object Hive - Siebel Version ControlEnterprise Beacon Object Hive - Siebel Version Control
Enterprise Beacon Object Hive - Siebel Version ControlMilind Waikul
 
From Gates to Guardrails: Alternate Approaches to Product Security
From Gates to Guardrails: Alternate Approaches to Product SecurityFrom Gates to Guardrails: Alternate Approaches to Product Security
From Gates to Guardrails: Alternate Approaches to Product SecurityJason Chan
 
Demystifying Azure App Service Networking
Demystifying Azure App Service NetworkingDemystifying Azure App Service Networking
Demystifying Azure App Service NetworkingMohamed Wali
 
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application ConnectivityMovin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application Connectivityshira koper
 
Finding application problems before they impact users
Finding application problems before they impact usersFinding application problems before they impact users
Finding application problems before they impact usersCA Application Performance Management (APM)
 
AWS Webinar Using AWS OpsWorks and Amazon VPC
AWS Webinar Using AWS OpsWorks and Amazon VPC AWS Webinar Using AWS OpsWorks and Amazon VPC
AWS Webinar Using AWS OpsWorks and Amazon VPC Amazon Web Services
 
Rethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure EffectRethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure EffectCloudPassage
 
Resilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons LearnedResilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons LearnedJason Chan
 
Cloud Bursting with A10 Lightning ADS
Cloud Bursting with A10 Lightning ADSCloud Bursting with A10 Lightning ADS
Cloud Bursting with A10 Lightning ADSAkshay Mathur
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...Amazon Web Services
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Kimberly Macias
 

More Related Content

What's hot

Jsm computer solutions
Jsm computer solutionsJsm computer solutions
Jsm computer solutionsJason Mast
 
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solution
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solutionAlgosec 5 more_things_you_can_do_with_a_security_policy_management_solution
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solutionMaytal Levi
 
Server and application monitoring webinars [Applications Manager] - Part 2
Server and application monitoring webinars [Applications Manager] - Part 2Server and application monitoring webinars [Applications Manager] - Part 2
Server and application monitoring webinars [Applications Manager] - Part 2ManageEngine, Zoho Corporation
 
Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...
Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...
Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...Amazon Web Services
 
AlgoSec Application Migration Webinar
AlgoSec Application Migration WebinarAlgoSec Application Migration Webinar
AlgoSec Application Migration WebinarMaytal Levi
 
AWS security monitoring and compliance validation from Adobe.
AWS security monitoring and compliance validation from Adobe.AWS security monitoring and compliance validation from Adobe.
AWS security monitoring and compliance validation from Adobe.Splunk
 
Migrating Application Connectivity and Network Security to AWS
Migrating Application Connectivity and Network Security to AWSMigrating Application Connectivity and Network Security to AWS
Migrating Application Connectivity and Network Security to AWSAlgoSec
 
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...Alibaba Cloud
 
Introduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityIntroduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityAlibaba Cloud
 
Putting the Sec into DevOps
Putting the Sec into DevOpsPutting the Sec into DevOps
Putting the Sec into DevOpsMaytal Levi
 
Enterprise Beacon Object Hive - Siebel Version Control
Enterprise Beacon Object Hive - Siebel Version ControlEnterprise Beacon Object Hive - Siebel Version Control
Enterprise Beacon Object Hive - Siebel Version ControlMilind Waikul
 
From Gates to Guardrails: Alternate Approaches to Product Security
From Gates to Guardrails: Alternate Approaches to Product SecurityFrom Gates to Guardrails: Alternate Approaches to Product Security
From Gates to Guardrails: Alternate Approaches to Product SecurityJason Chan
 
Demystifying Azure App Service Networking
Demystifying Azure App Service NetworkingDemystifying Azure App Service Networking
Demystifying Azure App Service NetworkingMohamed Wali
 
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application ConnectivityMovin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application Connectivityshira koper
 
AWS Webinar Using AWS OpsWorks and Amazon VPC
AWS Webinar Using AWS OpsWorks and Amazon VPC AWS Webinar Using AWS OpsWorks and Amazon VPC
AWS Webinar Using AWS OpsWorks and Amazon VPC Amazon Web Services
 
Rethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure EffectRethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure EffectCloudPassage
 
Resilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons LearnedResilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons LearnedJason Chan
 
Cloud Bursting with A10 Lightning ADS
Cloud Bursting with A10 Lightning ADSCloud Bursting with A10 Lightning ADS
Cloud Bursting with A10 Lightning ADSAkshay Mathur
 

What's hot (20)

Jsm computer solutions
Jsm computer solutionsJsm computer solutions
Jsm computer solutions
 
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solution
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solutionAlgosec 5 more_things_you_can_do_with_a_security_policy_management_solution
Algosec 5 more_things_you_can_do_with_a_security_policy_management_solution
 
Server and application monitoring webinars [Applications Manager] - Part 2
Server and application monitoring webinars [Applications Manager] - Part 2Server and application monitoring webinars [Applications Manager] - Part 2
Server and application monitoring webinars [Applications Manager] - Part 2
 
Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...
Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...
Too Many Tools? How AWS Systems Manager Bridges Operational Models - AWS Summ...
 
AlgoSec Application Migration Webinar
AlgoSec Application Migration WebinarAlgoSec Application Migration Webinar
AlgoSec Application Migration Webinar
 
AWS security monitoring and compliance validation from Adobe.
AWS security monitoring and compliance validation from Adobe.AWS security monitoring and compliance validation from Adobe.
AWS security monitoring and compliance validation from Adobe.
 
Migrating Application Connectivity and Network Security to AWS
Migrating Application Connectivity and Network Security to AWSMigrating Application Connectivity and Network Security to AWS
Migrating Application Connectivity and Network Security to AWS
 
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...
Cyber Security Compliance Solutions for Foreign Companies in China - Alibaba ...
 
Introduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityIntroduction to WAF and Network Application Security
Introduction to WAF and Network Application Security
 
Putting the Sec into DevOps
Putting the Sec into DevOpsPutting the Sec into DevOps
Putting the Sec into DevOps
 
Siebel Monitoring Tools
Siebel Monitoring ToolsSiebel Monitoring Tools
Siebel Monitoring Tools
 
Enterprise Beacon Object Hive - Siebel Version Control
Enterprise Beacon Object Hive - Siebel Version ControlEnterprise Beacon Object Hive - Siebel Version Control
Enterprise Beacon Object Hive - Siebel Version Control
 
From Gates to Guardrails: Alternate Approaches to Product Security
From Gates to Guardrails: Alternate Approaches to Product SecurityFrom Gates to Guardrails: Alternate Approaches to Product Security
From Gates to Guardrails: Alternate Approaches to Product Security
 
Demystifying Azure App Service Networking
Demystifying Azure App Service NetworkingDemystifying Azure App Service Networking
Demystifying Azure App Service Networking
 
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application ConnectivityMovin' On Up to the Cloud: How to Migrate your Application Connectivity
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
 
Finding application problems before they impact users
Finding application problems before they impact usersFinding application problems before they impact users
Finding application problems before they impact users
 
AWS Webinar Using AWS OpsWorks and Amazon VPC
AWS Webinar Using AWS OpsWorks and Amazon VPC AWS Webinar Using AWS OpsWorks and Amazon VPC
AWS Webinar Using AWS OpsWorks and Amazon VPC
 
Rethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure EffectRethinking Security: The Cloud Infrastructure Effect
Rethinking Security: The Cloud Infrastructure Effect
 
Resilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons LearnedResilience and Security @ Scale: Lessons Learned
Resilience and Security @ Scale: Lessons Learned
 
Cloud Bursting with A10 Lightning ADS
Cloud Bursting with A10 Lightning ADSCloud Bursting with A10 Lightning ADS
Cloud Bursting with A10 Lightning ADS
 

Similar to How Federal Home Loan Bank of Chicago Maintains Control in the Cloud (ENT207) | AWS re:Invent 2013

AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...Amazon Web Services
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Kimberly Macias
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the CloudAmazon Web Services
 
Getting Started With AWS Security
Getting Started With AWS SecurityGetting Started With AWS Security
Getting Started With AWS SecurityAmazon Web Services
 
Pragmatic container security - DEM11-R - AWS re:Inforce 2019
Pragmatic container security - DEM11-R - AWS re:Inforce 2019 Pragmatic container security - DEM11-R - AWS re:Inforce 2019
Pragmatic container security - DEM11-R - AWS re:Inforce 2019 Amazon Web Services
 
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit SydneyPragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit SydneyAmazon Web Services
 
Infrastructure Provisioning & Automation For Large Enterprises
Infrastructure Provisioning & Automation For Large EnterprisesInfrastructure Provisioning & Automation For Large Enterprises
Infrastructure Provisioning & Automation For Large EnterprisesTensult
 
Enterprise Management for the AWS Cloud (DMG209) | AWS re:Invent 2013
Enterprise Management for the AWS Cloud (DMG209) | AWS re:Invent 2013Enterprise Management for the AWS Cloud (DMG209) | AWS re:Invent 2013
Enterprise Management for the AWS Cloud (DMG209) | AWS re:Invent 2013Amazon Web Services
 
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...Amazon Web Services
 
AWS Summit Nordics - Security Keynote
AWS Summit Nordics - Security KeynoteAWS Summit Nordics - Security Keynote
AWS Summit Nordics - Security KeynoteAmazon Web Services
 
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...Amazon Web Services
 
Enterprise Management for the AWS Cloud
Enterprise Management for the AWS CloudEnterprise Management for the AWS Cloud
Enterprise Management for the AWS Cloud2nd Watch
 
How Retail Insights, LLC Used Alert Logic to Meet Compliance Mandates and Enh...
How Retail Insights, LLC Used Alert Logic to Meet Compliance Mandates and Enh...How Retail Insights, LLC Used Alert Logic to Meet Compliance Mandates and Enh...
How Retail Insights, LLC Used Alert Logic to Meet Compliance Mandates and Enh...Amazon Web Services
 
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Chicago
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPFaiza Mehar
 
(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon InspectorAmazon Web Services
 
AWS Summit Berlin 2013 - Keynote Steve Schmidt
AWS Summit Berlin 2013 - Keynote Steve SchmidtAWS Summit Berlin 2013 - Keynote Steve Schmidt
AWS Summit Berlin 2013 - Keynote Steve SchmidtAWS Germany
 
Barracuda, AWS & Securosis: Application Security for the Cloud
Barracuda, AWS & Securosis: Application Security for the CloudBarracuda, AWS & Securosis: Application Security for the Cloud
Barracuda, AWS & Securosis: Application Security for the CloudAmazon Web Services
 

Similar to How Federal Home Loan Bank of Chicago Maintains Control in the Cloud (ENT207) | AWS re:Invent 2013 (20)

AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud
 
Getting Started With AWS Security
Getting Started With AWS SecurityGetting Started With AWS Security
Getting Started With AWS Security
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
Pragmatic container security - DEM11-R - AWS re:Inforce 2019
Pragmatic container security - DEM11-R - AWS re:Inforce 2019 Pragmatic container security - DEM11-R - AWS re:Inforce 2019
Pragmatic container security - DEM11-R - AWS re:Inforce 2019
 
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit SydneyPragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
Pragmatic Container Security (Sponsored by Trend Micro) - AWS Summit Sydney
 
Infrastructure Provisioning & Automation For Large Enterprises
Infrastructure Provisioning & Automation For Large EnterprisesInfrastructure Provisioning & Automation For Large Enterprises
Infrastructure Provisioning & Automation For Large Enterprises
 
Enterprise Management for the AWS Cloud (DMG209) | AWS re:Invent 2013
Enterprise Management for the AWS Cloud (DMG209) | AWS re:Invent 2013Enterprise Management for the AWS Cloud (DMG209) | AWS re:Invent 2013
Enterprise Management for the AWS Cloud (DMG209) | AWS re:Invent 2013
 
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...
 
AWS Summit Nordics - Security Keynote
AWS Summit Nordics - Security KeynoteAWS Summit Nordics - Security Keynote
AWS Summit Nordics - Security Keynote
 
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...
 
Enterprise Management for the AWS Cloud
Enterprise Management for the AWS CloudEnterprise Management for the AWS Cloud
Enterprise Management for the AWS Cloud
 
How Retail Insights, LLC Used Alert Logic to Meet Compliance Mandates and Enh...
How Retail Insights, LLC Used Alert Logic to Meet Compliance Mandates and Enh...How Retail Insights, LLC Used Alert Logic to Meet Compliance Mandates and Enh...
How Retail Insights, LLC Used Alert Logic to Meet Compliance Mandates and Enh...
 
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCP
 
AWS Webcast - Sumo Logic
AWS Webcast - Sumo LogicAWS Webcast - Sumo Logic
AWS Webcast - Sumo Logic
 
(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector
 
AWS Summit Berlin 2013 - Keynote Steve Schmidt
AWS Summit Berlin 2013 - Keynote Steve SchmidtAWS Summit Berlin 2013 - Keynote Steve Schmidt
AWS Summit Berlin 2013 - Keynote Steve Schmidt
 
Barracuda, AWS & Securosis: Application Security for the Cloud
Barracuda, AWS & Securosis: Application Security for the CloudBarracuda, AWS & Securosis: Application Security for the Cloud
Barracuda, AWS & Securosis: Application Security for the Cloud
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 

Recently uploaded (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 

How Federal Home Loan Bank of Chicago Maintains Control in the Cloud (ENT207) | AWS re:Invent 2013

  • 1. How Federal Home Loan Bank of Chicago Maintains Control in the Cloud Eric Geiger, Federal Home Loan Bank of Chicago © 2013 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc.
  • 2. Federal Home Loan Banks • Created by Congress in 1932 • Each is a cooperative owned by members in its district • Members include banks, thrifts, credit unions, insurance companies, and housing finance institutions • As of September 30, 2013, almost 7,500 members in the FHLBank System • Each FHLBank is registered with the SEC • Each FHLBank is governed by a separate board of directors, but regulated by a single regulator, Federal Housing Finance Agency
  • 3. Why Did FHLBC Start Using AWS • Exploring infrastructure options – – – Faster server provisioning Required options and flexibility to replace existing hardware Wanted to reduce hardware expense • What brought us to Amazon – – – – Leader in the space Vast array of options Easy entry into the services Quickly observable results • Our initial concerns – – – Security Performance Reliability/durability/availability
  • 4. Due Diligence is Key Communicate Before Proof of Concept Framework Cost Security After Monitoring Disaster Planning CONTINUOUS
  • 5. Communicate with Your Organization • We had many preconceived notions – – • Amazon is just a bookstore, isn’t it? The “cloud” isn’t secure! Get educated – Read the whitepapers • • • • – Review the AWS security and compliance sites • • • • • http://aws.amazon.com/whitepapers “Overview of Amazon Web Services” “AWS Risk and Compliance” whitepaper “Auditing Security Checklist for Use of AWS” http://aws.amazon.com/security http://aws.amazon.com/compliance This is more than simply moving infrastructure Is there guidance from governance bodies Ensure business buy-in early
  • 6. Try a Small POC • Level set your expectations • What are you planning to use AWS for – Only web services – Core infrastructure – Data and database services • Explore the service options • Important basics to consider – Pick a region/zone that’s close – Set up a VPC – Test your network connectivity and see if it’s sufficient
  • 7. Evaluate with a Framework • AWS has many certifications and accreditations: HIPPA, SOC 1, SOC 2, SOC 3, PCI, ISO 27001, FISMA, FedRAMP, ITAR, FIPS 140-2 • How do the certifications pertain to you? – – Certification need to be mapped back to your own compliance and control framework The bank used the Cloud Security Alliance framework as our starting point • https://cloudsecurityalliance.org/ • Time-consuming process to map associations – – Will draw attention to areas your own control framework needs revision Should be done by multiple areas in your organization • • • IT security IT operations Internal audit
  • 8. Aligning Your Framework to AWS Our example using the Security Guidance for Critical Areas of Focus in Cloud Computing • Alignment with Industry Control Frameworks Architectural Relevance Team Comments Internal Risk Rating Alignment of AWS with Internal Controls Internal Controls
  • 9. Consider All of Your Costs • • • We definitely saw a reduction in expense The cost equation is not simply instances*hours*price Your AWS instance usage needs monitoring – – – • You still need to support your AWS infrastructure – • Standard infrastructure jobs still apply: provisioning, patching, software installs, backups, anti-virus and tools Moving can generate new workloads for additional costs – • Elastic provisioning makes it easy to generate instance creep increasing cost Reserved might be cheaper over time On-demand instances need to be reviewed regularly for conversion to reserved Managing client side IDS and firewalls Useful considerations – – – Auto start/stop can save considerable money Amazon CloudWatch can be configured to report on spending thresholds AWS Trusted Advisor can find significant cost savings based on usage stats
  • 10. Infrastructure Monitoring • CloudWatch is your first resource – Pay for “Detailed Monitoring” – Set up CloudWatch alarms on basic thresholds: CPU, network, disk usage, spend • Monitor your events – Watch for unexpected instance reboots and maintenance – Use the AWS API to automate event monitor when possible • Expand CloudWatch with your existing third-party monitoring – CloudWatch will not replace your existing tool set – You can run your agents on the AWS instances • Can allow you to recycle existing scripts and code • Monitor OS-level activity, events, services, logs, etc
  • 11. Security Monitoring • • AWS security works best when you are building apps to leverage AWS services AWS has some limitations for traditional security monitoring – – – • Limited Inspection and auditing of your traffic Limited traditional integration with third-party vendor products Better (targeted) service offerings to support “traditional” application environments You can do some things to mitigate certain limitations – Always use VPCs when possible to help control traffic • – – – • Separate dev/test, prod and Internet apps to their own VPCs Consider host-based firewalls and IDS All traffic flows through your traditional data center when possible Terminate AWS Direct Connect at firewalls to assist with traffic inspection Locked-down AWS console – – – Multifactor authentication Permission restrictions Limited access
  • 12. Disaster Planning • Consider your real uptime need – Amazon SLA is 99.95% availability for EC2 infrastructure each month – That’s 3.6 hours per month of downtime • Your zone will be degraded • Quick recovery and redundancy can be architected – Create an AMI (Amazon machine image) of your working, patched server on a regular basis – Take snapshots of your instances on a regular basis – Use Amazon S3 service to keep images and snapshots available in multiple regions and zones
  • 14. Please give us your feedback on this presentation ENT207 As a thank you, we will select prize winners daily for completed surveys!