Security Best Practices on AWS

Understanding AWS Security, the Shared Responsibility Model, and
some security best practices

© 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
Cloud Security is:

Every Customer Has Access to the Same Security Capabilities
And gets to choose what's right for their business needs
• Governments
• Financial Sector
• Pharmaceuticals
• Entertainment
• Start-ups
• Social Media
• Home Users
• Retail

Visible Cloud Security

This, or this?

Auditable Cloud Security

Transparent Cloud Security

http://aws.amazon.com/compliance/

ISO 27001 Certification
Covers the AWS Information Security Management System
Follows ISO 27002 best practice guidance
Includes all Regions
Certification in the standard requires:
• Systematic evaluation of information security risks
• Evaluate the impact of company threats and vulnerabilities
• Design and implement comprehensive information security controls
• Adopt an overarching management process to ensure that the information security controls meet the information security needs on an ongoing basis

Service Organization Controls
American Institute of Certified Public Accountants report

SOC 1
  What it contains: Attests that the AWS internal controls for financial reporting are appropriately designed and the controls are operating effectively
  Who uses it: User auditors & users' controller's office. Shared under NDA by AWS.

SOC 2
  What it contains: Expanded evaluation of controls to include AICPA Trust Services Principles
  Who uses it: Management, regulators & others. Shared under NDA by AWS.

SOC 3
  What it contains: Summary of SOC 2 and provides AICPA SysTrust Security Seal.
  Who uses it: Management, regulators & others. Publicly available.

PCI DSS Level 1 Service Provider
PCI DSS 2.0 compliant
Covers core infrastructure & services
• EC2, EBS, VPC, ELB, DirectConnect, S3, Glacier, RDS, DynamoDB, SimpleDB, EMR, RedShift, CloudHSM, and IAM

Use services normally, no special configuration
Leverage the work of our QSA
AWS will work with merchants and designated Qualified Incident Response Assessors (QIRA)
• can support forensic investigations

Certified in all regions

FedRAMP (FISMA) Moderate
U.S. Civilian Government Agency Specific
FedRAMP Approval To Operate (ATO)
FISMA Moderate (NIST 800-53)
• Much more stringent than other commercial standards
• 205 high-level controls spanning 18 domains
• Access Control, Awareness & Training, Audit & Accountability, Security Assessment & Authorization, Configuration Management, Contingency Planning, ID & Authentication, Incident Response, Maintenance, Media Protection, Physical & Environment Protection, Planning, Personnel Security, Risk Assessment, System & Services Acquisition, System & Communications Protections, System & Information Integrity, Program Management

Shared Assessments SIG
Standard Information Gathering ("SIG") Questionnaire shared under NDA
• www.sharedassessments.org

Robust, easy to use set of questions to gather and assess
• Information Technology
• Operating and Security Risks (and corresponding controls)

Based on referenced industry standards
• Including, but not limited to, FFIEC, ISO, COBIT and PCI

Excel format with AWS provided answers
Updated periodically to stay current

Additional Initiatives
U.S. Health Insurance Portability and Accountability Act (HIPAA)
• AWS enables covered entities and their business associates subject to the U.S. HIPAA to leverage the secure AWS environment to process, maintain, and store protected health information, and AWS will be signing business associate agreements with such customers.

Cloud Security Alliance (CSA) Questionnaire
• Answers in the Risk and Compliance Whitepaper

Motion Picture Association of America (MPAA)
• Answers in the Risk and Compliance Whitepaper
• Best practices for storing, processing and delivering protected media & content

Security & Compliance Control Objectives
Control Objective 1: Security Organization
Control Objective 2: Amazon User Access
Control Objective 3: Logical Security
Control Objective 4: Secure Data Handling
Control Objective 5: Physical Security and Environmental Safeguards
Control Objective 6: Change Management
Control Objective 7: Data Integrity, Availability and Redundancy
Control Objective 8: Incident Handling

Security & Compliance Control Objectives (cont'd)
Control Objective 1: Security Organization
• Who we are
• Proper control & access within the organization

Control Objective 2: Amazon User Access
• How we vet our staff
• Minimization of access

Security & Compliance Control Objectives (cont'd)
Control Objective 3: Logical Security
• Our staff start with no system access
• Need-based access grants
• Rigorous system separation
• System access grants regularly evaluated & automatically revoked

Security & Compliance Control Objectives (cont'd)
Control Objective 4: Secure Data Handling
• Storage media destroyed before being permitted outside our datacenters
• Media destruction consistent with US Dept. of Defense Directive 5220.22

Control Objective 5: Physical Security and Environmental Safeguards
• Keeping our facilities safe
• Maintaining the physical operating parameters of our datacenters

Security & Compliance Control Objectives (cont'd)
Control Objective 6: Change Management
• Continuous operation

Control Objective 7: Data Integrity, Availability and Redundancy
• Ensuring your data remains safe, intact, & available

Control Objective 8: Incident Handling
• Process & procedures for mitigating and managing potential issues

Shared Responsibility
AWS
• Facilities
• Physical Security
• Physical Infrastructure
• Network Infrastructure
• Virtualization Infrastructure

Customer
• Choice of Guest OS
• Application Configuration Options
• Account Management Flexibility
• Security Groups
• Network ACLs
• Network Configuration Control

You Decide Where Applications and Data Reside

Network Security

Amazon EC2 Security
Host operating system (AWS controlled)
• Individual SSH keyed logins via bastion host for AWS admins
• All accesses logged and audited

Guest operating system (Customer controlled)
• AWS admins cannot log in
• Customer-generated keypairs

Stateful firewall
• Mandatory inbound firewall, default deny mode
• Customer controls configuration via Security Groups

Signed API calls
• Require customer's secret AWS key

[Diagram: Customer 1, Customer 2, … Customer n instances run on a shared hypervisor. Each customer's virtual interfaces pass through the firewall, which applies that customer's own Security Groups, before traffic reaches the physical interfaces.]

Tiering Security Groups
Dynamically created rules based on Security Group membership
Effectively create tiered network architectures

"Web" Security Group:
  TCP 80 from 0.0.0.0/0
  TCP 22 from "Mgmt"
"App" Security Group:
  TCP 8080 from "Web"
  TCP 22 from "Mgmt"
"DB" Security Group:
  TCP 3306 from "App"
  TCP 22 from "Mgmt"
"Mgmt" Security Group:
  TCP 22 from 163.128.25.32/32

[Diagram: Web Server (HTTP) → firewall → App Server on TCP 8080 → firewall → DB Server on TCP 3306; the Bastion Host in "Mgmt" reaches each server on TCP 22 through its firewall.]
Amazon VPC Architecture
[Diagram: the customer's isolated AWS resources sit in subnets inside the Amazon Web Services cloud, behind a NAT and a router. The customer's network reaches the VPC either over a secure VPN connection over the Internet or via AWS Direct Connect, a dedicated path with dedicated bandwidth.]
Amazon VPC Network Security Controls

VPC - Dedicated Instances
Option to ensure physical hosts are not shared with other
customers
$2/hr flat fee per region + small hourly charge
Can identify specific Instances as dedicated
Optionally configure entire VPC as dedicated

AWS Deployment Models
Isolation and policy capabilities by deployment model (✓ = provided):

Commercial Cloud
  Logical server and application isolation: ✓
  Granular information access policy: ✓
  Sample workloads: Public-facing apps, web sites, dev, test, etc.

Virtual Private Cloud (VPC)
  Logical server and application isolation: ✓
  Granular information access policy: ✓
  Logical network isolation: ✓
  Physical server isolation: ✓
  Sample workloads: Datacenter extension, TIC environment, email, FISMA low and Moderate

AWS GovCloud (US)
  Logical server and application isolation: ✓
  Granular information access policy: ✓
  Logical network isolation: ✓
  Physical server isolation: ✓
  Government-only physical network and facility isolation: ✓
  ITAR compliant (US Persons only): ✓
  Sample workloads: US Persons compliant and government-specific apps
The Importance of Access Control
One of customers' top considerations when moving to the cloud

CONTROL
Why do we want control?
• Appropriate access to do appropriate actions
• I want to implement security best practices
• I want to be at least as secure as on premise
• I must comply with certain industry specific security regulations

AWS Identity and Access Management (IAM)
• Users and Groups within Accounts
• Unique security credentials
  • Access keys
  • AWS Management Console Login/Password
  • Enforce password complexity
  • Optional MFA device
• Policies control access to AWS APIs
• All API calls must be signed by secret key
• Resource level integration into many Services
  • EC2: tags control access to resources
  • S3: policies on objects and buckets
• Not for Operating Systems or Applications
  • Use LDAP, Active Directory/ADFS, etc.

Authentication Methods
CLI
• Access + Secret Keys for REST calls
• SSH Keys for access to EC2 instances

API
• Access + Secret Keys
• Optional multifactor authentication

Web UI
• Username + Password
• Optional multifactor authentication
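The "Signed API calls / Require customer's secret AWS key" point on the Amazon EC2 Security slide, restated on the IAM slide and under Access + Secret Keys above, works as follows. This is an added example, not AWS's own code: it implements the Signature Version 2 scheme that the Query API used at the time (current AWS APIs use Signature Version 4, whose canonical form differs) on both sides, the client that signs with the secret and the server that recomputes the signature and rejects a wrong secret or a tampered parameter. The access key id, secret and request parameters are constructed.

```python
import base64
import hashlib
import hmac
import urllib.parse

# Constructed credentials and request; not real AWS keys.
ACCESS_KEY = "AKIAEXAMPLEACCESSKEY"
SECRET_KEY = "EXAMPLEsecretKEY/notARealSecret+0000000000"
REQUEST = {
    "Action": "DescribeInstances",
    "Version": "2013-02-01",
    "Timestamp": "2013-06-01T12:00:00Z",   # replay window check belongs to the server
}


def canonical_query(params: dict) -> str:
    # SigV2 canonicalisation: sort by parameter name (byte order) and
    # percent-encode per RFC 3986, so "+" becomes "%2B" and a space "%20".
    return "&".join(
        f"{urllib.parse.quote(k, safe='-_.~')}={urllib.parse.quote(str(v), safe='-_.~')}"
        for k, v in sorted(params.items())
    )


def string_to_sign(method: str, host: str, path: str, params: dict) -> str:
    # Method, lower-cased host, path and canonical query joined by newlines;
    # every element is covered by the MAC, so none can be altered in transit.
    return "\n".join([method, host.lower(), path or "/", canonical_query(params)])


def sign_request(method, host, path, params, access_key, secret_key):
    """Client side: add the SigV2 authentication parameters and return them."""
    signed = dict(params)
    signed.update({
        "AWSAccessKeyId": access_key,      # identifies the caller; not secret
        "SignatureVersion": "2",
        "SignatureMethod": "HmacSHA256",
    })
    sts = string_to_sign(method, host, path, signed)
    mac = hmac.new(secret_key.encode(), sts.encode(), hashlib.sha256).digest()
    signed["Signature"] = base64.b64encode(mac).decode()
    return signed


def verify_request(method, host, path, signed_params, lookup_secret):
    """Server side: recompute the signature with the secret held for the key id.

    lookup_secret maps an access key id to its secret (None if unknown). An
    unknown key or any mismatch fails; the comparison is constant-time. A
    production verifier additionally rejects a stale Timestamp.
    """
    secret = lookup_secret(signed_params.get("AWSAccessKeyId", ""))
    if secret is None:
        return False
    presented = signed_params.get("Signature", "")
    unsigned = {k: v for k, v in signed_params.items() if k != "Signature"}
    sts = string_to_sign(method, host, path, unsigned)
    mac = hmac.new(secret.encode(), sts.encode(), hashlib.sha256).digest()
    expected = base64.b64encode(mac).decode()
    return hmac.compare_digest(presented, expected)
```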

Multi-Factor Authentication (MFA)
Extra level of security
Works with
• AWS root account
• IAM users

Multiple form factors
• Virtual MFA on your phone
• Hardware MFA key fobs

No additional cost!
• Except for the cost of the hardware key fob
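The IAM slide says policies control access to AWS APIs, and this slide adds MFA for IAM users; a policy can tie the two together by requiring MFA for sensitive actions. The following is an added example, not AWS's evaluation engine: a small evaluator that applies the IAM decision order (explicit Deny wins, then Allow, otherwise implicit deny) to a constructed S3 policy whose delete permission carries an aws:MultiFactorAuthPresent condition. The bucket name, prefixes and the request context are constructed; only the Bool condition operator is modelled.

```python
import fnmatch
import json

# Constructed policy: read access to one bucket, deletes only when the caller
# authenticated with MFA, and an explicit deny on the audit-log prefix that
# overrides every allow. Version and condition key are the real IAM ones.
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow",
     "Action": ["s3:ListBucket", "s3:GetObject"],
     "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]},
    {"Effect": "Allow",
     "Action": "s3:DeleteObject",
     "Resource": "arn:aws:s3:::example-bucket/*",
     "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}}},
    {"Effect": "Deny",
     "Action": "s3:*",
     "Resource": "arn:aws:s3:::example-bucket/audit-logs/*"}
  ]
}
""")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _matches(patterns, value, case_sensitive):
    # IAM wildcards "*" and "?"; Action names are case-insensitive, resource
    # ARNs (which include S3 object keys) are case-sensitive.
    for pattern in _as_list(patterns):
        if case_sensitive and fnmatch.fnmatchcase(value, pattern):
            return True
        if not case_sensitive and fnmatch.fnmatchcase(value.lower(), pattern.lower()):
            return True
    return False


def _condition_holds(condition, context):
    # Only the Bool operator is modelled. A missing context key counts as
    # "false", which is how a long-term access key without MFA presents.
    for operator, checks in (condition or {}).items():
        if operator != "Bool":
            raise NotImplementedError(f"condition operator {operator} not modelled")
        for key, wanted in checks.items():
            if str(context.get(key, "false")).lower() != str(wanted).lower():
                return False
    return True


def evaluate(policy, action, resource, context=None):
    """Return "Allow" or "Deny" for one API call under one policy."""
    context = context or {}
    decision = "Deny"                      # implicit deny unless an Allow matches
    for stmt in policy["Statement"]:
        if not _matches(stmt["Action"], action, case_sensitive=False):
            continue
        if not _matches(stmt["Resource"], resource, case_sensitive=True):
            continue
        if not _condition_holds(stmt.get("Condition"), context):
            continue
        if stmt["Effect"] == "Deny":
            return "Deny"                  # explicit deny: nothing can override it
        decision = "Allow"
    return decision
```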

AWS CloudHSM
Secure Key Storage
• Dedicated access to tamper-resistant HSM appliances (SafeNet® Luna SA)
• Designed to comply with Common Criteria EAL4+ and NIST FIPS 140-2
• You retain full control of your keys and cryptographic operations

Contractual and Regulatory Compliance
• Helps comply with the most stringent regulatory and contractual requirements for key protection.

Reliable and Durable Key Storage
• Available in multiple AZs and Regions

Simple and Secure Connectivity
• Connected to your VPC
• Improved Application Performance between EC2 and HSM

Premium Support Trusted Advisor
Security Checks
• Security Group Rules (Hosts & Ports)
• IAM Use
• S3 Policies

Fault Tolerance Checks
• Snapshots
• Multi-AZ
• VPN Tunnel Redundancy

Enable Root Account MFA!
If you don't see:

Go to:
http://blogs.aws.amazon.com/security/post/Tx1KJ4H6H5R80UD/Securing-access-to-AWS-using-MFA-Part-1

AWS Security, Compliance, & Architecture Resources
http://aws.amazon.com/security/
Security whitepaper
Security best practices
Security bulletins
Customer security testing process
http://aws.amazon.com/compliance/
Risk and compliance whitepaper

http://aws.amazon.com/architecture/
Reference Architectures
Whitepapers
Webinars
http://blogs.aws.amazon.com/security/
Stay up to date on security and compliance in AWS

Feedback is always welcome!
Thank You!!!
awsmax@amazon.com

Any questions?

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Ā 

AWS Webcast - Security Best Practices on AWS

  • 1. Security Best Practices on AWS
    Understanding AWS Security, the Shared Responsibility Model, and some security best practices
    © 2011 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified or distributed in whole or in part without the express consent of Amazon.com, Inc.
  • 2. Cloud Security is:
  • 3. Every Customer Has Access to the Same Security Capabilities
    And gets to choose what’s right for their business needs
    • Governments
    • Financial Sector
    • Pharmaceuticals
    • Entertainment
    • Start-ups
    • Social Media
    • Home Users
    • Retail
  • 4. Visible Cloud Security
    This? Or this?
  • 5. Auditable Cloud Security
  • 6. Transparent Cloud Security
    http://aws.amazon.com/compliance/
  • 7. ISO 27001 Certification
    Covers the AWS Information Security Management System
    Follows ISO 27002 best practice guidance
    Includes all Regions
    Certification in the standard requires:
    • Systematic evaluation of information security risks
    • Evaluate the impact of company threats and vulnerabilities
    • Design and implement comprehensive information security controls
    • Adopt an overarching management process to ensure that the information security controls meet the information security needs on an ongoing basis
  • 8. Service Organization Controls
    American Institute of Certified Public Accountants reports: what each contains and who uses it
    • SOC 1: Attests that the AWS internal controls for financial reporting are appropriately designed and the controls are operating effectively. Used by user auditors and users’ controller’s office. Shared under NDA by AWS.
    • SOC 2: Expanded evaluation of controls to include AICPA Trust Services Principles. Used by management, regulators and others. Shared under NDA by AWS.
    • SOC 3: Summary of SOC 2 and provides AICPA SysTrust Security Seal. Used by management, regulators and others. Publicly available.
  • 9. PCI DSS Level 1 Service Provider
    PCI DSS 2.0 compliant
    Covers core infrastructure & services
    • EC2, EBS, VPC, ELB, DirectConnect, S3, Glacier, RDS, DynamoDB, SimpleDB, EMR, RedShift, CloudHSM, and IAM
    Use services normally, no special configuration
    Leverage the work of our QSA
    AWS will work with merchants and designated Qualified Incident Response Assessors (QIRA)
    • can support forensic investigations
    Certified in all regions
  • 10. FedRAMP (FISMA) Moderate
    U.S. Civilian Government
    Agency Specific FedRAMP Approval To Operate (ATO)
    FISMA Moderate (NIST 800-53)
    • Much more stringent than other commercial standards
    • 205 high-level controls spanning 18 domains
    • Access Control, Awareness & Training, Audit & Accountability, Security Assessment & Authorization, Configuration Management, Contingency Planning, ID & Authentication, Incident Response, Maintenance, Media Protection, Physical & Environment Protection, Planning, Personnel Security, Risk Assessment, System & Services Acquisition, System & Communications Protections, System & Information Integrity, Program Management
  • 11. Shared Assessments SIG
    Standard Information Gathering (“SIG”) Questionnaire shared under NDA
    • www.sharedassessments.org
    Robust, easy to use set of questions to gather and assess
    • Information Technology
    • Operating and Security Risks (and corresponding controls)
    Based on referenced industry standards
    • Including, but not limited to, FFIEC, ISO, COBIT and PCI
    Excel format with AWS provided answers
    Updated periodically to stay current
  • 12. Additional Initiatives
    U.S. Health Insurance Portability and Accountability Act (HIPAA)
    • AWS enables covered entities and their business associates subject to the U.S. HIPAA to leverage the secure AWS environment to process, maintain, and store protected health information, and AWS will be signing business associate agreements with such customers.
    Cloud Security Alliance (CSA) Questionnaire
    • Answers in the Risk and Compliance Whitepaper
    Motion Picture Association of America (MPAA)
    • Answers in the Risk and Compliance Whitepaper
    • Best practices for storing, processing and delivering protected media & content
  • 13. Security & Compliance Control Objectives
    • Control Objective 1: Security Organization
    • Control Objective 2: Amazon User Access
    • Control Objective 3: Logical Security
    • Control Objective 4: Secure Data Handling
    • Control Objective 5: Physical Security and Environmental Safeguards
    • Control Objective 6: Change Management
    • Control Objective 7: Data Integrity, Availability and Redundancy
    • Control Objective 8: Incident Handling
  • 14. Security & Compliance Control Objectives (cont’d)
    Control Objective 1: Security Organization
    • Who we are
    • Proper control & access within the organization
    Control Objective 2: Amazon User Access
    • How we vet our staff
    • Minimization of access
  • 15. Security & Compliance Control Objectives (cont’d)
    Control Objective 3: Logical Security
    • Our staff start with no system access
    • Need-based access grants
    • Rigorous system separation
    • System access grants regularly evaluated & automatically revoked
  • 16. Security & Compliance Control Objectives (cont’d)
    Control Objective 4: Secure Data Handling
    • Storage media destroyed before being permitted outside our datacenters
    • Media destruction consistent with US Dept. of Defense Directive 5220.22
    Control Objective 5: Physical Security and Environmental Safeguards
    • Keeping our facilities safe
    • Maintaining the physical operating parameters of our datacenters
  • 17. Security & Compliance Control Objectives (cont’d)
    Control Objective 6: Change Management
    • Continuous operation
    Control Objective 7: Data Integrity, Availability and Redundancy
    • Ensuring your data remains safe, intact, & available
    Control Objective 8: Incident Handling
    • Process & procedures for mitigating and managing potential issues
  • 18. Shared Responsibility
    AWS:
    • Facilities
    • Physical Security
    • Physical Infrastructure
    • Network Infrastructure
    • Virtualization Infrastructure
    Customer:
    • Choice of Guest OS
    • Application Configuration Options
    • Account Management Flexibility
    • Security Groups
    • Network ACLs
    • Network Configuration Control
  • 19. You Decide Where Applications and Data Reside
  • 20. Network Security
  • 21. Amazon EC2 Security
    Host operating system (AWS controlled)
    • Individual SSH keyed logins via bastion host for AWS admins
    • All accesses logged and audited
    Guest operating system (Customer controlled)
    • AWS admins cannot log in
    • Customer-generated keypairs
    Stateful firewall
    • Mandatory inbound firewall, default deny mode
    • Customer controls configuration via Security Groups
    Signed API calls
    • Require customer’s secret AWS key
  • 22. (Diagram: Customer 1, Customer 2 … Customer n guests on the hypervisor, each attached through virtual interfaces to its own security groups; the firewall sits between them and the physical interfaces.)
  • 23. Tiering Security Groups
  • 24. Tiering Security Groups
    Firewall: dynamically created rules based on Security Group membership
    Effectively create tiered network architectures
    “Web” Security Group: TCP 80 from 0.0.0.0/0; TCP 22 from “Mgmt”
    “App” Security Group: TCP 8080 from “Web”; TCP 22 from “Mgmt”
    “DB” Security Group: TCP 3306 from “App”; TCP 22 from “Mgmt”
    “Mgmt” Security Group: TCP 22 from 163.128.25.32/32
    (Diagram: Web (HTTP) traffic reaches the Web Server; the Web Server reaches the App Server on 8080 and the App Server reaches the DB Server on 3306, each behind its own firewall; port 22 on every tier is reached from the Bastion Host.)
  • 25. Amazon VPC Architecture
    (Diagram: the customer’s isolated AWS resources in subnets inside the Amazon Web Services cloud, with NAT to the Internet; the customer’s network connects through its router either over a secure VPN connection over the Internet or over AWS Direct Connect, a dedicated path with dedicated bandwidth.)
  • 26. Amazon VPC Network Security Controls
  • 27. VPC - Dedicated Instances
    Option to ensure physical hosts are not shared with other customers
    $2/hr flat fee per region + small hourly charge
    Can identify specific Instances as dedicated
    Optionally configure entire VPC as dedicated
  • 28. AWS Deployment Models
    • Commercial Cloud: Logical Server and Application Isolation ✓; Granular Information Access Policy ✓. Sample workloads: public-facing apps, web sites, dev, test, etc.
    • Virtual Private Cloud (VPC): Logical Server and Application Isolation ✓; Granular Information Access Policy ✓; Logical Network Isolation ✓; Physical server Isolation ✓. Sample workloads: datacenter extension, TIC environment, email, FISMA low and Moderate.
    • AWS GovCloud (US): Logical Server and Application Isolation ✓; Granular Information Access Policy ✓; Logical Network Isolation ✓; Physical server Isolation ✓; Government Only Physical Network and Facility Isolation ✓; ITAR Compliant (US Persons Only) ✓. Sample workloads: US Persons Compliant and Government Specific Apps.
  • 29. The Importance of Access Control
    One of customers’ top considerations when moving to the cloud: CONTROL
    Why do we want control?
    • Appropriate access to do appropriate actions
    • I want to implement security best practices
    • I want to be at least as secure as on premise
    • I must comply with certain industry specific security regulations
  • 30. AWS Identity and Access Management (IAM)
    • Users and Groups within Accounts
    • Unique security credentials
      • Access keys
      • AWS Management Console Login/Password
      • Enforce password complexity
      • Optional MFA device
    • Policies control access to AWS APIs
    • All API calls must be signed by secret key
    • Resource level integration into many Services
      • EC2: tags control access to resources
      • S3: policies on objects and buckets
    • Not for Operating Systems or Applications
      • Use LDAP, Active Directory/ADFS, etc.
  • 31. Authentication Methods
    CLI
    • Access + Secret Keys for REST calls
    • SSH Keys for access to EC2 instances
    API
    • Access + Secret Keys
    • Optional multifactor authentication
    Web UI
    • Username + Password
    • Optional multifactor authentication
  • 32. Multi-Factor Authentication (MFA)
    Extra level of security
    Works with
    • AWS root account
    • IAM users
    Multiple form factors
    • Virtual MFA on your phone
    • Hardware MFA key fobs
    No additional cost!
    • Except for the cost of the hardware key fob
  • 33. AWS CloudHSM
    Secure Key Storage
    • Dedicated access to tamper-resistant HSM appliances (SafeNet® Luna SA)
    • Designed to comply with Common Criteria EAL4+ and NIST FIPS 140-2
    • You retain full control of your keys and cryptographic operations
    Contractual and Regulatory Compliance
    • Helps comply with the most stringent regulatory and contractual requirements for key protection
    Reliable and Durable Key Storage
    • Available in multiple AZs and Regions
    Simple and Secure Connectivity
    • Connected to your VPC
    • Improved Application Performance between EC2 and HSM
  • 34. Premium Support Trusted Advisor
    Security Checks
    • Security Group Rules (Hosts & Ports)
    • IAM Use
    • S3 Policies
    Fault Tolerance Checks
    • Snapshots
    • Multi-AZ
    • VPN Tunnel Redundancy
  • 35. Enable Root Account MFA!
    If you don’t see: (MFA status screenshot)
    Go to: http://blogs.aws.amazon.com/security/post/Tx1KJ4H6H5R80UD/Securing-access-to-AWS-using-MFA-Part-1
  • 36. AWS Security, Compliance, & Architecture Resources
    http://aws.amazon.com/security/
    • Security whitepaper
    • Security best practices
    • Security bulletins
    • Customer security testing process
    http://aws.amazon.com/compliance/
    • Risk and compliance whitepaper
    http://aws.amazon.com/architecture/
    • Reference Architectures
    • Whitepapers
    • Webinars
    http://blogs.aws.amazon.com/security/
    • Stay up to date on security and compliance in AWS
    Feedback is always welcome!
  • 37. Thank You!!!
    awsmax@amazon.com
    Any questions?
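The four security groups from the "Tiering Security Groups" slide (24) and the Trusted Advisor security-group check from slide 34, worked through in an added Python example that is not part of the deck or AWS's own code. It models the inbound rules as data (the EC2 firewall is inbound-only and default deny, as slide 21 says), answers whether a given TCP connection is admitted, and runs an audit that flags rules open to the whole Internet on anything but the public web ports; the source addresses in the comments and test are constructed, only the group names, ports and the 163.128.25.32/32 admin address come from the slide.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    """One inbound TCP rule: admit `port` from a CIDR or from members of another group."""
    port: int
    source: str  # a CIDR such as "0.0.0.0/0" or a security-group name such as "Mgmt"


# Inbound rules exactly as drawn on slide 24 (TCP only; egress is not modelled).
SECURITY_GROUPS = {
    "Web": [Rule(80, "0.0.0.0/0"), Rule(22, "Mgmt")],
    "App": [Rule(8080, "Web"), Rule(22, "Mgmt")],
    "DB": [Rule(3306, "App"), Rule(22, "Mgmt")],
    "Mgmt": [Rule(22, "163.128.25.32/32")],  # the single admin address on the slide
}


def _as_network(source):
    """Return the CIDR as an ip_network, or None when `source` names a group."""
    try:
        return ipaddress.ip_network(source, strict=False)
    except ValueError:
        return None


def is_allowed(src_ip, src_groups, dst_group, port, groups=SECURITY_GROUPS):
    """Decide whether a TCP connection to `port` on an instance in `dst_group` is admitted.

    `src_ip` is the connecting address; `src_groups` is the set of security groups the
    connecting instance belongs to (empty for an Internet client). Group-sourced rules
    match on membership, CIDR rules on address. Default deny: no matching rule -> False.
    """
    address = ipaddress.ip_address(src_ip)
    for rule in groups.get(dst_group, []):
        if rule.port != port:
            continue
        network = _as_network(rule.source)
        if network is not None:
            if address in network:
                return True
        elif rule.source in src_groups:
            return True
    return False


def audit_world_open(groups, public_ports=(80, 443)):
    """Trusted-Advisor-style check: rules admitting 0.0.0.0/0 on non-public ports.

    Returns (group name, port) pairs; an empty list means the tiering is intact.
    """
    findings = []
    for name, rules in groups.items():
        for rule in rules:
            network = _as_network(rule.source)
            if network is not None and network.prefixlen == 0 and rule.port not in public_ports:
                findings.append((name, rule.port))
    return findings


if __name__ == "__main__":
    # 198.51.100.7 is a constructed Internet client address.
    print(is_allowed("198.51.100.7", set(), "Web", 80))   # True: public web port
    print(is_allowed("198.51.100.7", set(), "Web", 22))   # False: SSH only from Mgmt
    print(audit_world_open(SECURITY_GROUPS))               # []
```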