Nathan Thomas, GM Amazon WorkSpaces
Securing Desktops in the Cloud
|Webinars
A cost-effective, fully-managed secure cloud desktop
Highly secure
Pay-as-you-go
Simple management
Highly secure cloud desktops protecting your corporate data
Scale consistently
What Customers Are Telling Us
What’s not working?
Personal Computers
• Secure endpoints
• BYOD is complicated
• Data must be backed up
• Expensive to scale
On-Premises VDI
• Upfront investment
• Weeks to deploy
• Requires management
• Servers must be secured
• Expensive to scale
Embrace personal devices
Support contract workers
Access for mobile workers
Data Security
Agility
Business Cyber Security Challenges
Physical Access
43% of US employees worked remotely in 2016
Diversity of Devices
As of June 2017, non-Windows OS share was close to 52% in both US and the UK
Data and Apps Reside on Client Devices
Data Breach
In 2016, the average data breach cost $3.62M [1]
WannaCry ransomware attack estimated to have cost $4.0B worldwide
Client end-points security out of corporate networks
BlueBorne vulnerabilities impact over 5 billion Bluetooth-enabled devices, and not all devices will receive patches.
DaaS Improves Security
WorkSpaces enables customers to have tighter security policies and a stronger security
posture, without compromising end-user access to needed resources.
No sensitive data on end users’ devices
WorkSpace data encrypted at rest
Desktop stream encrypted in transit
Amazon WorkSpaces Security
Secure Desktops In the Cloud
Your data stored at rest, disk I/O to the volume, and snapshots created from encrypted
volumes are encrypted and never reside on the local client.
Storage volume encryption
Enterprise cyber security solutions
Patch management
1. Enterprise Strategy Group: TechTruths: BYOD and Productivity, 2015
Image updates
No data on local client
AES encrypted streaming
Secure gateways for access
Security groups
Secure Data In-transit
For better security, it is possible to connect your WorkSpaces VPC with your on-premises network (where your AD resides) using a VPN connection.
PCoIP remote display protocol
Client Endpoints Security
No user credentials are transmitted in clear text at any time.
Multifactor authentication
Proxy access
Narrow access with certificate-based client authentication
TLS encrypted logins
Works with Your Existing Security Infrastructure
Microsoft Active Directory
Multifactor authentication (RADIUS)
Intranet
Amazon WorkSpaces integrates easily with your on-premises security tools and solutions
Certificate Authority service
Anti-virus solutions
Amazon WorkSpaces Compliance
• Certification – SOC 1, SOC 2, ISO 9001 and ISO 27001
• HIPAA-eligible with Business Associate Agreement (BAA)
• PCI DSS Level 1 compliant
• EU General Data Protection Regulation (GDPR) ready
May 2018
Amazon WorkSpaces Security Best Practices
Strengthen Your Security Posture
Leverage client OS-level access controls
Implement an anti-virus/cyber security solution
Apply security group rules to WorkSpaces
Encrypt both WorkSpaces volumes
Enable MFA
Manage client access with certificate-based client authentication
Schedule Windows updates for WorkSpaces
Enforce strong password policies via Active Directory
• DaaS improves enterprise security by keeping data within corporate digital boundaries
• Amazon WorkSpaces works with your existing security infrastructure
• Amazon WorkSpaces allows you to deploy cloud desktops, adhere to your existing security procedures, and meet regulatory compliance requirements
In Summary
Questions

Securing Your Desktops with Amazon WorkSpaces - AWS Online Tech Talks
