In this session we will cover the most common cloud security questions that we hear from customers. We provide detailed answers for each question distilled from our practical experience working with organisations around the world. This session is for everyone curious about the cloud, cautious about the cloud, or excited about the cloud.

1. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Top Cloud Security Myths – Dispelled!
Adam Hunter
Solutions Architect, AWS

2. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
SECURITY IS
JOB ZERO

3. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
The Three Stages Of Cloud Security Curiosity
General Cloud
Security
Specific Service
Security
Data
Security
New to Cloud
and / or
Business Teams
Experienced in Cloud
and / or
Technology Teams
Advanced in Cloud
and / or
Risk Teams

4. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Cloud Security
Service Security
Data
Security
Part 1: General Cloud Security

5. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Myth 1:
“The public cloud is not as secure as my
on-premises infrastructure and not as
secure as my private cloud.”
Cloud
Service
Data

6. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
1: AWS Security Of The Cloud And In The Cloud
Visible AutomatedPhysical
AWS’s global infrastructure is built to meet the requirements of the
most security-sensitive organisations in the world.
Cloud
Service
Data

7. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Myth 2:
“When I put my data in the cloud I lose
ownership of it, and it may move across
national borders.”
Cloud
Service
Data

8. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
2: You Control And Own Your Content
Access TraceabilityOwnership
You retain ownership and control of your content, and you
choose which region that content resides in.
Cloud
Service
Data

9. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Myth 3:
“I am a highly regulated business and I
cannot use the cloud because of my
compliance requirements.”
Cloud
Service
Data

10. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
3: AWS Global Compliance Program
Countries Enterprise
Agreement
Certifications
Our security assurance program meets or exceeds industry, country-
specific and global security requirements.
Cloud
Service
Data

11. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Myth 4:
“My business requires sensitive personal
data, I can not use the cloud.”
Cloud
Service
Data

12. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
4: Using Encryption On AWS
AWS KMS High
Standards
Ubiquitous
AWS encryption services are integrated into dozens of our
services and meet the strictest industry requirements.
Cloud
Service
Data

13. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Part 2: Specific Service Security
Cloud Security
Service Security
Data
Security

14. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Myth 5:
“I cannot use the cloud to store
sensitive data because everyone will
have access to it.”
Cloud
Service
Data

15. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
7: How To Secure Data In Amazon S3
Notify RespondProtect
Amazon S3 and our other storage services are secure by default.
Customers control who can access their data, and AWS provides
multiple tools so you can understand how access is configured.
Cloud
Service
Data

16. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Myth 6:
“I hear about secret keys being stolen,
the way you grant access is not secure.”
Cloud
Service
Data

17. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
8: How To Protect AWS Credentials
Temporary
Access
Amazon
GuardDuty
Multi-Factor
Authentication
AWS provides a number of tools to protect your identity and
access credentials and to help you detect misuse.
Cloud
Service
Data

18. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Myth 7:
“I cannot control the deletion of my data
and I cannot verify it has been deleted.”
Cloud
Service
Data

19. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
9: How AWS Manages Data Deletion
Physical ValidatedLogical
When you delete your data we take multiple steps to wipe it
and eventually destroy it. This process is validated by
independent third parties.
Cloud
Service
Data

20. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Cloud Security
Service Security
Data
Security
Part 3: Data Access Security

21. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Myth 8:
“The government can access my
data at any time.”
Cloud
Service
Data

22. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
11: How AWS Manages Information Requests
Notification EncryptionValid Requests
Amazon does not disclose customer information unless we’re
required to do so to comply with a legally valid and binding order.
Where we need to act publicly to protect customers, we do.
Cloud
Service
Data

23. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Myth 9:
“A malicious insider can look at my data
via your shared administrative access.”
Cloud
Service
Data

24. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
12: How AWS Manages Administrative Access
Technology
Controls
Process
Controls
Automation
AWS strictly controls our infrequent administrative access to services.
This process has executive oversight within AWS and is
validated by independent third parties.
Cloud
Service
Data

25. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Cloud Security
Service Security
Data
Security

26. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Security Benefits Of The AWS Cloud
Automate
with deeply
integrated
security
services
Inherit
global
security and
compliance
controls
Highest
standards
for privacy
and data
security
Largest
network
of security
partners and
solutions
Scale with
superior
visibility and
control

27. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
http://amzn.to/2FZdEgH
SECURITY IS
JOB ZERO

28. Thank you