SlideShare una empresa de Scribd logo

Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014 - Washington D.C.

Descargar como PPTX, PDF
Amazon Web Services
Amazon Web Services

Security is your number one priority and it is ours too. With customers around the world across all industries, it is our top priority to ensure the underlying cloud infrastructure is secure and compliant. This presentation will address our shared security/responsibility model, specific compliance requirements such as FedRAMP, DISA/DoD Cloud Security Models, and detail the specific AWS compliance programs that supports our customers in these compliance environments.

Tecnología
1 de 13
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Federal Compliance Deep Dive: AWS Public Sector Security Assurance Programs Chris Gile Senior Manager AWS Risk and Compliance cgile@amazon.com
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Shared Security Responsibility • AWS & Customers both have security/compliance obligations • Logical assessment & accreditation boundaries Cross-service Controls Service-specific Controls Managed by AWS Managed by Customer Compliance of the Cloud Compliance in the Cloud Cloud Service Provider Controls Optimized Network/OS/App Controls
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS FedRAMP Program • AWS has two Agency ATOs granted by HHS; assessment reviewed by HHS, FDA, CDC, and NIH covering: – All AWS US Regions (US East/West, & GovCloud (US)) – EC2, S3, EBS, VPC, IAM – New: Amazon Redshift (US East/West only) • Assessed against all FedRAMP-Moderate controls • Agency ATO packages have reciprocity with federal agencies • AWS will directly field FedRAMP package requests; agencies can still request AWS FedRAMP package from FedRAMP PMO – AWS provides customers a FedRAMP SSP Template, inherited/shared control matrix, as well as FedRAMP package cloud.cio.gov/fedramp/amazon
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Building Solutions on AWS • Partners & Agencies can leverage FedRAMP compliant AWS • AWS’s FedRAMP package covers AWS infrastructure and underlying management of services • Partner’s FedRAMP package includes inherited controls; shared controls documents partner’s application/service built on AWS • To support partners we can provide: – Partner FedRAMP package: ATO Letters, CIS spreadsheet, FIPS 199, etc. – SSP Template: Pre-populated with inherited control language, guidance on completing shared controls – ATO Letters as stand-alone documents – Support: Security Solutions Architects, Security Assurance Architects, Professional Services
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Documentation Support • AWS Package is specific to the AWS Infrastructure • Partner’s Package is specific to the Partner’s Application or managed services • Inherited v. Shared Controls
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS DoD CSM Program • 2/6/14 Provisional Authorization for Levels 1-2 • DISA-managed Cloud Security Model (CSM) • 70 additional control enhancements overlaid on FedRAMP Moderate • Partners have achieved MAC II Sensitive DIACAP ATOs
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Certifications & Compliance • AWS Environment – SOC 1/2/3 – ISO 27001 Certification – Payment Card Industry Data Security Standard (PCI DSS) Level 1 Service Provider – FedRAMP (up to Moderate) – AWS GovCloud (US) – ITAR compliant region • Customers have deployed various compliant applications – Sarbanes-Oxley (SOX) – HIPAA (healthcare) – FISMA/FedRAMP (US Federal Government) – DIACAP – up to MAC II Sensitive – International Traffic in Arms Regulations (ITAR)
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Customer Resources • Whitepapers – Risk & Compliance Whitepaper – Overview of Security Processes – “Security at Scale” series • Governance in AWS • Logging in AWS • Template – FedRAMP SSP Template • Workbooks – FISMA-High – CJIS
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Other Compliance Programs • FISMA-High – Workbook available for partners under NDA – 84 additional control enhancements; 21 inherited, 54 shared, 9 customer • CJIS Workbook – Available under NDA – 121 security requirements; 10 inherited, 87 shared, and 24 customer-responsible requirements • Both are partner-based approaches to build a portfolio of authorizations
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Compliance & Security Centers • Answers to many security and compliance questions • Security whitepaper • Risk and Compliance whitepaper • Overview of Security Processes whitepaper • “Security at Scale” whitepaper series • Security bulletins • Customer penetration testing requests • Security best practices • Request more information by contacting us aws.amazon.com/security aws.amazon.com/compliance
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Additional AWS Security & Compliance References • https://aws.amazon.com/security • https://aws.amazon.com/compliance • https://aws.amazon.com/compliance/#whitepapers • https://aws.amazon.com/compliance/fedramp-faqs • https://aws.amazon.com/govcloud-us • https://aws.amazon.com/documentation • https://aws.amazon.com/iam awscompliance@amazon.com
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Questions?
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Thank You Chris Gile cgile@amazon.com

Recomendados

AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...Amazon Web Services
 
Move Away From the Worry-Based Fiction of the Cloud - AWS Washington D.C. Sym...
Move Away From the Worry-Based Fiction of the Cloud - AWS Washington D.C. Sym...Move Away From the Worry-Based Fiction of the Cloud - AWS Washington D.C. Sym...
Move Away From the Worry-Based Fiction of the Cloud - AWS Washington D.C. Sym...Amazon Web Services
 
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C. Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...
DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...
DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...Amazon Web Services
 
AWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAmazon Web Services
 
AWS GovCloud (US) - An Overview
AWS GovCloud (US) - An OverviewAWS GovCloud (US) - An Overview
AWS GovCloud (US) - An OverviewAmazon Web Services
 
Defending your workloads against the next zero-day vulnerability 
Defending your workloads against the next zero-day vulnerability Defending your workloads against the next zero-day vulnerability 
Defending your workloads against the next zero-day vulnerability Amazon Web Services
 
C2S Tech Tips: Rapid Prototyping
C2S Tech Tips: Rapid PrototypingC2S Tech Tips: Rapid Prototyping
C2S Tech Tips: Rapid PrototypingAmazon Web Services
 

Recomendados

AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...Amazon Web Services
 
Move Away From the Worry-Based Fiction of the Cloud - AWS Washington D.C. Sym...
Move Away From the Worry-Based Fiction of the Cloud - AWS Washington D.C. Sym...Move Away From the Worry-Based Fiction of the Cloud - AWS Washington D.C. Sym...
Move Away From the Worry-Based Fiction of the Cloud - AWS Washington D.C. Sym...Amazon Web Services
 
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C. Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...
DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...
DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...Amazon Web Services
 
AWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAmazon Web Services
 
AWS GovCloud (US) - An Overview
AWS GovCloud (US) - An OverviewAWS GovCloud (US) - An Overview
AWS GovCloud (US) - An OverviewAmazon Web Services
 
Defending your workloads against the next zero-day vulnerability 
Defending your workloads against the next zero-day vulnerability Defending your workloads against the next zero-day vulnerability 
Defending your workloads against the next zero-day vulnerability Amazon Web Services
 
C2S Tech Tips: Rapid Prototyping
C2S Tech Tips: Rapid PrototypingC2S Tech Tips: Rapid Prototyping
C2S Tech Tips: Rapid PrototypingAmazon Web Services
 
An Update on the AWS/FedRAMP TIC Overlay Pilot
An Update on the AWS/FedRAMP TIC Overlay PilotAn Update on the AWS/FedRAMP TIC Overlay Pilot
An Update on the AWS/FedRAMP TIC Overlay PilotAmazon Web Services
 
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPASecurity & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPAAmazon Web Services
 
Using AWS Services to Go “All In” on AWS
Using AWS Services to Go “All In” on AWSUsing AWS Services to Go “All In” on AWS
Using AWS Services to Go “All In” on AWSAmazon Web Services
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingAmazon Web Services
 
Hybrid IT Approach and Technologies on AWS
Hybrid IT Approach and Technologies on AWSHybrid IT Approach and Technologies on AWS
Hybrid IT Approach and Technologies on AWSAmazon Web Services
 
C2S: What’s Next
C2S: What’s NextC2S: What’s Next
C2S: What’s NextAmazon Web Services
 
AWS GovCloud (US): How to Get Started
AWS GovCloud (US): How to Get StartedAWS GovCloud (US): How to Get Started
AWS GovCloud (US): How to Get StartedAmazon Web Services
 
Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation Amazon Web Services
 
NASA Goddard: Head in the Clouds
NASA Goddard: Head in the CloudsNASA Goddard: Head in the Clouds
NASA Goddard: Head in the CloudsAmazon Web Services
 
AWS as a Data Platform
AWS as a Data PlatformAWS as a Data Platform
AWS as a Data PlatformAmazon Web Services
 
Adobe : The Future of SaaS
Adobe : The Future of SaaSAdobe : The Future of SaaS
Adobe : The Future of SaaSAmazon Web Services
 
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
Enhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSEnhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSAmazon Web Services
 
Transforming Education in the Cloud
Transforming Education in the CloudTransforming Education in the Cloud
Transforming Education in the CloudAmazon Web Services
 
Enterprise Cloud Adoption Strategies in Higher Education
Enterprise Cloud Adoption Strategies in Higher EducationEnterprise Cloud Adoption Strategies in Higher Education
Enterprise Cloud Adoption Strategies in Higher EducationAmazon Web Services
 
Big Data in The Cloud: Architecting a Better Platform
Big Data in The Cloud: Architecting a Better PlatformBig Data in The Cloud: Architecting a Better Platform
Big Data in The Cloud: Architecting a Better PlatformAmazon Web Services
 
Citizen Services: The New Mission Critical Apps
Citizen Services: The New Mission Critical AppsCitizen Services: The New Mission Critical Apps
Citizen Services: The New Mission Critical AppsAmazon Web Services
 
Hybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your OrganizationHybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your OrganizationAmazon Web Services
 
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Amazon Web Services
 
AWS Cost Management Lessons from the Private Sector
AWS Cost Management Lessons from the Private SectorAWS Cost Management Lessons from the Private Sector
AWS Cost Management Lessons from the Private SectorAmazon Web Services
 
Implementing FISMA Moderate Applications on AWS
Implementing FISMA Moderate Applications on AWSImplementing FISMA Moderate Applications on AWS
Implementing FISMA Moderate Applications on AWSAmazon Web Services
 
FedRAMP concept-of-operations-conops
FedRAMP concept-of-operations-conopsFedRAMP concept-of-operations-conops
FedRAMP concept-of-operations-conopsGovCloud Network
 

Más contenido relacionado

La actualidad más candente

An Update on the AWS/FedRAMP TIC Overlay Pilot
An Update on the AWS/FedRAMP TIC Overlay PilotAn Update on the AWS/FedRAMP TIC Overlay Pilot
An Update on the AWS/FedRAMP TIC Overlay PilotAmazon Web Services
 
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPASecurity & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPAAmazon Web Services
 
Using AWS Services to Go “All In” on AWS
Using AWS Services to Go “All In” on AWSUsing AWS Services to Go “All In” on AWS
Using AWS Services to Go “All In” on AWSAmazon Web Services
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingAmazon Web Services
 
Hybrid IT Approach and Technologies on AWS
Hybrid IT Approach and Technologies on AWSHybrid IT Approach and Technologies on AWS
Hybrid IT Approach and Technologies on AWSAmazon Web Services
 
AWS GovCloud (US): How to Get Started
AWS GovCloud (US): How to Get StartedAWS GovCloud (US): How to Get Started
AWS GovCloud (US): How to Get StartedAmazon Web Services
 
Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation Amazon Web Services
 
NASA Goddard: Head in the Clouds
NASA Goddard: Head in the CloudsNASA Goddard: Head in the Clouds
NASA Goddard: Head in the CloudsAmazon Web Services
 
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
Enhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSEnhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSAmazon Web Services
 
Transforming Education in the Cloud
Transforming Education in the CloudTransforming Education in the Cloud
Transforming Education in the CloudAmazon Web Services
 
Enterprise Cloud Adoption Strategies in Higher Education
Enterprise Cloud Adoption Strategies in Higher EducationEnterprise Cloud Adoption Strategies in Higher Education
Enterprise Cloud Adoption Strategies in Higher EducationAmazon Web Services
 
Big Data in The Cloud: Architecting a Better Platform
Big Data in The Cloud: Architecting a Better PlatformBig Data in The Cloud: Architecting a Better Platform
Big Data in The Cloud: Architecting a Better PlatformAmazon Web Services
 
Citizen Services: The New Mission Critical Apps
Citizen Services: The New Mission Critical AppsCitizen Services: The New Mission Critical Apps
Citizen Services: The New Mission Critical AppsAmazon Web Services
 
Hybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your OrganizationHybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your OrganizationAmazon Web Services
 
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Amazon Web Services
 
AWS Cost Management Lessons from the Private Sector
AWS Cost Management Lessons from the Private SectorAWS Cost Management Lessons from the Private Sector
AWS Cost Management Lessons from the Private SectorAmazon Web Services
 

La actualidad más candente (20)

An Update on the AWS/FedRAMP TIC Overlay Pilot
An Update on the AWS/FedRAMP TIC Overlay PilotAn Update on the AWS/FedRAMP TIC Overlay Pilot
An Update on the AWS/FedRAMP TIC Overlay Pilot
 
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPASecurity & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
 
Using AWS Services to Go “All In” on AWS
Using AWS Services to Go “All In” on AWSUsing AWS Services to Go “All In” on AWS
Using AWS Services to Go “All In” on AWS
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud Computing
 
Hybrid IT Approach and Technologies on AWS
Hybrid IT Approach and Technologies on AWSHybrid IT Approach and Technologies on AWS
Hybrid IT Approach and Technologies on AWS
 
C2S: What’s Next
C2S: What’s NextC2S: What’s Next
C2S: What’s Next
 
AWS GovCloud (US): How to Get Started
AWS GovCloud (US): How to Get StartedAWS GovCloud (US): How to Get Started
AWS GovCloud (US): How to Get Started
 
Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation
 
NASA Goddard: Head in the Clouds
NASA Goddard: Head in the CloudsNASA Goddard: Head in the Clouds
NASA Goddard: Head in the Clouds
 
AWS as a Data Platform
AWS as a Data PlatformAWS as a Data Platform
AWS as a Data Platform
 
Adobe : The Future of SaaS
Adobe : The Future of SaaSAdobe : The Future of SaaS
Adobe : The Future of SaaS
 
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
 
Enhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSEnhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWS
 
Transforming Education in the Cloud
Transforming Education in the CloudTransforming Education in the Cloud
Transforming Education in the Cloud
 
Enterprise Cloud Adoption Strategies in Higher Education
Enterprise Cloud Adoption Strategies in Higher EducationEnterprise Cloud Adoption Strategies in Higher Education
Enterprise Cloud Adoption Strategies in Higher Education
 
Big Data in The Cloud: Architecting a Better Platform
Big Data in The Cloud: Architecting a Better PlatformBig Data in The Cloud: Architecting a Better Platform
Big Data in The Cloud: Architecting a Better Platform
 
Citizen Services: The New Mission Critical Apps
Citizen Services: The New Mission Critical AppsCitizen Services: The New Mission Critical Apps
Citizen Services: The New Mission Critical Apps
 
Hybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your OrganizationHybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your Organization
 
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...
 
AWS Cost Management Lessons from the Private Sector
AWS Cost Management Lessons from the Private SectorAWS Cost Management Lessons from the Private Sector
AWS Cost Management Lessons from the Private Sector
 

Destacado

Implementing FISMA Moderate Applications on AWS
Implementing FISMA Moderate Applications on AWSImplementing FISMA Moderate Applications on AWS
Implementing FISMA Moderate Applications on AWSAmazon Web Services
 
FedRAMP concept-of-operations-conops
FedRAMP concept-of-operations-conopsFedRAMP concept-of-operations-conops
FedRAMP concept-of-operations-conopsGovCloud Network
 
Aws Architecture Fundamentals
Aws Architecture FundamentalsAws Architecture Fundamentals
Aws Architecture Fundamentals2nd Watch
 
Disaster Recovery Sites on AWS: Minimal Cost, Maximum Efficiency
Disaster Recovery Sites on AWS: Minimal Cost, Maximum EfficiencyDisaster Recovery Sites on AWS: Minimal Cost, Maximum Efficiency
Disaster Recovery Sites on AWS: Minimal Cost, Maximum EfficiencyAmazon Web Services
 
Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C.
Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C. Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C.
Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
(BDT204) Rendering a Seamless Satellite Map of the World with AWS and NASA Da...
(BDT204) Rendering a Seamless Satellite Map of the World with AWS and NASA Da...(BDT204) Rendering a Seamless Satellite Map of the World with AWS and NASA Da...
(BDT204) Rendering a Seamless Satellite Map of the World with AWS and NASA Da...Amazon Web Services
 
(ENT210) Accelerating Business Innovation with DevOps on AWS | AWS re:Invent ...
(ENT210) Accelerating Business Innovation with DevOps on AWS | AWS re:Invent ...(ENT210) Accelerating Business Innovation with DevOps on AWS | AWS re:Invent ...
(ENT210) Accelerating Business Innovation with DevOps on AWS | AWS re:Invent ...Amazon Web Services
 
(SEC303) Mastering Access Control Policies | AWS re:Invent 2014
(SEC303) Mastering Access Control Policies | AWS re:Invent 2014(SEC303) Mastering Access Control Policies | AWS re:Invent 2014
(SEC303) Mastering Access Control Policies | AWS re:Invent 2014Amazon Web Services
 
2016 Maze Live Changes in Grant Management and How to Prepare for the Single ...
2016 Maze Live Changes in Grant Management and How to Prepare for the Single ...2016 Maze Live Changes in Grant Management and How to Prepare for the Single ...
2016 Maze Live Changes in Grant Management and How to Prepare for the Single ...Donald E. Hester
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 13: Contingen...
Understanding the Risk Management Framework & (ISC)2 CAP Module 13: Contingen...Understanding the Risk Management Framework & (ISC)2 CAP Module 13: Contingen...
Understanding the Risk Management Framework & (ISC)2 CAP Module 13: Contingen...Donald E. Hester
 
2016 Maze Live 1 GASB update
2016 Maze Live 1 GASB update2016 Maze Live 1 GASB update
2016 Maze Live 1 GASB updateDonald E. Hester
 
2016 Maze Live Cyber-security for Local Governments
2016 Maze Live Cyber-security for Local Governments2016 Maze Live Cyber-security for Local Governments
2016 Maze Live Cyber-security for Local GovernmentsDonald E. Hester
 
2016 Maze Live Fraud Environment
2016 Maze Live Fraud Environment2016 Maze Live Fraud Environment
2016 Maze Live Fraud EnvironmentDonald E. Hester
 
Implementing GASB 72: Fair Value Measurement and Application
Implementing GASB 72: Fair Value Measurement and ApplicationImplementing GASB 72: Fair Value Measurement and Application
Implementing GASB 72: Fair Value Measurement and ApplicationDonald E. Hester
 
How Trend Micro Build their Enterprise Security Offering on AWS (SEC307) | AW...
How Trend Micro Build their Enterprise Security Offering on AWS (SEC307) | AW...How Trend Micro Build their Enterprise Security Offering on AWS (SEC307) | AW...
How Trend Micro Build their Enterprise Security Offering on AWS (SEC307) | AW...Amazon Web Services
 
GASB 68 and 71 Planning for the Second Year
GASB 68 and 71 Planning for the Second YearGASB 68 and 71 Planning for the Second Year
GASB 68 and 71 Planning for the Second YearDonald E. Hester
 
Running Complex Enterprise Workloads on AWS - Session sponsored by Fronde
Running Complex Enterprise Workloads on AWS - Session sponsored by FrondeRunning Complex Enterprise Workloads on AWS - Session sponsored by Fronde
Running Complex Enterprise Workloads on AWS - Session sponsored by FrondeAmazon Web Services
 
AWS Webcast - An Introduction to High Performance Computing on AWS
AWS Webcast - An Introduction to High Performance Computing on AWSAWS Webcast - An Introduction to High Performance Computing on AWS
AWS Webcast - An Introduction to High Performance Computing on AWSAmazon Web Services
 
Security and Privacy in the AWS Cloud, Steve Schmidt, CIS Officer, AWS
Security and Privacy in the AWS Cloud, Steve Schmidt, CIS Officer, AWSSecurity and Privacy in the AWS Cloud, Steve Schmidt, CIS Officer, AWS
Security and Privacy in the AWS Cloud, Steve Schmidt, CIS Officer, AWSAmazon Web Services
 

Destacado (20)

Implementing FISMA Moderate Applications on AWS
Implementing FISMA Moderate Applications on AWSImplementing FISMA Moderate Applications on AWS
Implementing FISMA Moderate Applications on AWS
 
FedRAMP concept-of-operations-conops
FedRAMP concept-of-operations-conopsFedRAMP concept-of-operations-conops
FedRAMP concept-of-operations-conops
 
Aws Architecture Fundamentals
Aws Architecture FundamentalsAws Architecture Fundamentals
Aws Architecture Fundamentals
 
Disaster Recovery Sites on AWS: Minimal Cost, Maximum Efficiency
Disaster Recovery Sites on AWS: Minimal Cost, Maximum EfficiencyDisaster Recovery Sites on AWS: Minimal Cost, Maximum Efficiency
Disaster Recovery Sites on AWS: Minimal Cost, Maximum Efficiency
 
Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C.
Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C. Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C.
Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C.
 
(BDT204) Rendering a Seamless Satellite Map of the World with AWS and NASA Da...
(BDT204) Rendering a Seamless Satellite Map of the World with AWS and NASA Da...(BDT204) Rendering a Seamless Satellite Map of the World with AWS and NASA Da...
(BDT204) Rendering a Seamless Satellite Map of the World with AWS and NASA Da...
 
(ENT210) Accelerating Business Innovation with DevOps on AWS | AWS re:Invent ...
(ENT210) Accelerating Business Innovation with DevOps on AWS | AWS re:Invent ...(ENT210) Accelerating Business Innovation with DevOps on AWS | AWS re:Invent ...
(ENT210) Accelerating Business Innovation with DevOps on AWS | AWS re:Invent ...
 
(SEC303) Mastering Access Control Policies | AWS re:Invent 2014
(SEC303) Mastering Access Control Policies | AWS re:Invent 2014(SEC303) Mastering Access Control Policies | AWS re:Invent 2014
(SEC303) Mastering Access Control Policies | AWS re:Invent 2014
 
2016 Maze Live Changes in Grant Management and How to Prepare for the Single ...
2016 Maze Live Changes in Grant Management and How to Prepare for the Single ...2016 Maze Live Changes in Grant Management and How to Prepare for the Single ...
2016 Maze Live Changes in Grant Management and How to Prepare for the Single ...
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 13: Contingen...
Understanding the Risk Management Framework & (ISC)2 CAP Module 13: Contingen...Understanding the Risk Management Framework & (ISC)2 CAP Module 13: Contingen...
Understanding the Risk Management Framework & (ISC)2 CAP Module 13: Contingen...
 
2016 Maze Live 1 GASB update
2016 Maze Live 1 GASB update2016 Maze Live 1 GASB update
2016 Maze Live 1 GASB update
 
2016 Maze Live Cyber-security for Local Governments
2016 Maze Live Cyber-security for Local Governments2016 Maze Live Cyber-security for Local Governments
2016 Maze Live Cyber-security for Local Governments
 
2016 Maze Live Fraud Environment
2016 Maze Live Fraud Environment2016 Maze Live Fraud Environment
2016 Maze Live Fraud Environment
 
Implementing GASB 72: Fair Value Measurement and Application
Implementing GASB 72: Fair Value Measurement and ApplicationImplementing GASB 72: Fair Value Measurement and Application
Implementing GASB 72: Fair Value Measurement and Application
 
How Trend Micro Build their Enterprise Security Offering on AWS (SEC307) | AW...
How Trend Micro Build their Enterprise Security Offering on AWS (SEC307) | AW...How Trend Micro Build their Enterprise Security Offering on AWS (SEC307) | AW...
How Trend Micro Build their Enterprise Security Offering on AWS (SEC307) | AW...
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
GASB 68 and 71 Planning for the Second Year
GASB 68 and 71 Planning for the Second YearGASB 68 and 71 Planning for the Second Year
GASB 68 and 71 Planning for the Second Year
 
Running Complex Enterprise Workloads on AWS - Session sponsored by Fronde
Running Complex Enterprise Workloads on AWS - Session sponsored by FrondeRunning Complex Enterprise Workloads on AWS - Session sponsored by Fronde
Running Complex Enterprise Workloads on AWS - Session sponsored by Fronde
 
AWS Webcast - An Introduction to High Performance Computing on AWS
AWS Webcast - An Introduction to High Performance Computing on AWSAWS Webcast - An Introduction to High Performance Computing on AWS
AWS Webcast - An Introduction to High Performance Computing on AWS
 
Security and Privacy in the AWS Cloud, Steve Schmidt, CIS Officer, AWS
Security and Privacy in the AWS Cloud, Steve Schmidt, CIS Officer, AWSSecurity and Privacy in the AWS Cloud, Steve Schmidt, CIS Officer, AWS
Security and Privacy in the AWS Cloud, Steve Schmidt, CIS Officer, AWS
 

Similar a Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014 - Washington D.C.

AWS Shared Responsibility Model - AWS Symposium 2014 - Washington D.C.
AWS Shared Responsibility Model - AWS Symposium 2014 - Washington D.C. AWS Shared Responsibility Model - AWS Symposium 2014 - Washington D.C.
AWS Shared Responsibility Model - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
Running the Business of Education in the Cloud: How Central IT Leverages the ...
Running the Business of Education in the Cloud: How Central IT Leverages the ...Running the Business of Education in the Cloud: How Central IT Leverages the ...
Running the Business of Education in the Cloud: How Central IT Leverages the ...Amazon Web Services
 
Overview of AWS Partner Programs in the Public Sector
Overview of AWS Partner Programs in the Public Sector Overview of AWS Partner Programs in the Public Sector
Overview of AWS Partner Programs in the Public Sector Amazon Web Services
 
How Public Sector Entities are Advancing Their Security and Governance Capabi...
How Public Sector Entities are Advancing Their Security and Governance Capabi...How Public Sector Entities are Advancing Their Security and Governance Capabi...
How Public Sector Entities are Advancing Their Security and Governance Capabi...Amazon Web Services
 
Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...
Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...
Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...Amazon Web Services
 
Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...
Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...
Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...Amazon Web Services
 
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Amazon Web Services
 
Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...
Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...
Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...Amazon Web Services
 
For Partners: Build Your Business on AWS
For Partners: Build Your Business on AWSFor Partners: Build Your Business on AWS
For Partners: Build Your Business on AWSAmazon Web Services
 
Big Data on AWS - AWS Washington D.C. Symposium 2014
Big Data on AWS - AWS Washington D.C. Symposium 2014Big Data on AWS - AWS Washington D.C. Symposium 2014
Big Data on AWS - AWS Washington D.C. Symposium 2014Amazon Web Services
 
Driving Business Agility with AWS Serverless -Atlanta
Driving Business Agility with AWS Serverless -AtlantaDriving Business Agility with AWS Serverless -Atlanta
Driving Business Agility with AWS Serverless -AtlantaCloudHesive
 
Scale and Reach: Always Up - Always On - AWS Symposium 2014 - Washington D.C....
Scale and Reach: Always Up - Always On - AWS Symposium 2014 - Washington D.C....Scale and Reach: Always Up - Always On - AWS Symposium 2014 - Washington D.C....
Scale and Reach: Always Up - Always On - AWS Symposium 2014 - Washington D.C....Amazon Web Services
 
AWS Public Sector Summit 2014 Talk - Science as a Service using AWS
AWS Public Sector Summit 2014 Talk - Science as a Service using AWSAWS Public Sector Summit 2014 Talk - Science as a Service using AWS
AWS Public Sector Summit 2014 Talk - Science as a Service using AWSRavi Madduri
 
Acquisition Strategies and Contract Vehicles in the Public Sector
Acquisition Strategies and Contract Vehicles in the Public SectorAcquisition Strategies and Contract Vehicles in the Public Sector
Acquisition Strategies and Contract Vehicles in the Public SectorAmazon Web Services
 
GIS on AWS Deep Dive - AWS Symposium 2014 - Washington D.C.
GIS on AWS Deep Dive - AWS Symposium 2014 - Washington D.C. GIS on AWS Deep Dive - AWS Symposium 2014 - Washington D.C.
GIS on AWS Deep Dive - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Amazon Web Services
 
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...Amazon Web Services
 
Leveraging AWS Partner Network (APN) Resources
Leveraging AWS Partner Network (APN) ResourcesLeveraging AWS Partner Network (APN) Resources
Leveraging AWS Partner Network (APN) ResourcesAmazon Web Services
 
AWS as a Data Platform - AWS Symposium 2014 - Washington D.C.
AWS as a Data Platform - AWS Symposium 2014 - Washington D.C. AWS as a Data Platform - AWS Symposium 2014 - Washington D.C.
AWS as a Data Platform - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
Continuous Integration and Deployment Best Practices on AWS - AWS Symposium 2...
Continuous Integration and Deployment Best Practices on AWS - AWS Symposium 2...Continuous Integration and Deployment Best Practices on AWS - AWS Symposium 2...
Continuous Integration and Deployment Best Practices on AWS - AWS Symposium 2...Amazon Web Services
 

Similar a Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014 - Washington D.C. (20)

AWS Shared Responsibility Model - AWS Symposium 2014 - Washington D.C.
AWS Shared Responsibility Model - AWS Symposium 2014 - Washington D.C. AWS Shared Responsibility Model - AWS Symposium 2014 - Washington D.C.
AWS Shared Responsibility Model - AWS Symposium 2014 - Washington D.C.
 
Running the Business of Education in the Cloud: How Central IT Leverages the ...
Running the Business of Education in the Cloud: How Central IT Leverages the ...Running the Business of Education in the Cloud: How Central IT Leverages the ...
Running the Business of Education in the Cloud: How Central IT Leverages the ...
 
Overview of AWS Partner Programs in the Public Sector
Overview of AWS Partner Programs in the Public Sector Overview of AWS Partner Programs in the Public Sector
Overview of AWS Partner Programs in the Public Sector
 
How Public Sector Entities are Advancing Their Security and Governance Capabi...
How Public Sector Entities are Advancing Their Security and Governance Capabi...How Public Sector Entities are Advancing Their Security and Governance Capabi...
How Public Sector Entities are Advancing Their Security and Governance Capabi...
 
Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...
Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...
Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...
 
Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...
Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...
Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...
 
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
 
Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...
Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...
Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...
 
For Partners: Build Your Business on AWS
For Partners: Build Your Business on AWSFor Partners: Build Your Business on AWS
For Partners: Build Your Business on AWS
 
Big Data on AWS - AWS Washington D.C. Symposium 2014
Big Data on AWS - AWS Washington D.C. Symposium 2014Big Data on AWS - AWS Washington D.C. Symposium 2014
Big Data on AWS - AWS Washington D.C. Symposium 2014
 
Driving Business Agility with AWS Serverless -Atlanta
Driving Business Agility with AWS Serverless -AtlantaDriving Business Agility with AWS Serverless -Atlanta
Driving Business Agility with AWS Serverless -Atlanta
 
Scale and Reach: Always Up - Always On - AWS Symposium 2014 - Washington D.C....
Scale and Reach: Always Up - Always On - AWS Symposium 2014 - Washington D.C....Scale and Reach: Always Up - Always On - AWS Symposium 2014 - Washington D.C....
Scale and Reach: Always Up - Always On - AWS Symposium 2014 - Washington D.C....
 
AWS Public Sector Summit 2014 Talk - Science as a Service using AWS
AWS Public Sector Summit 2014 Talk - Science as a Service using AWSAWS Public Sector Summit 2014 Talk - Science as a Service using AWS
AWS Public Sector Summit 2014 Talk - Science as a Service using AWS
 
Acquisition Strategies and Contract Vehicles in the Public Sector
Acquisition Strategies and Contract Vehicles in the Public SectorAcquisition Strategies and Contract Vehicles in the Public Sector
Acquisition Strategies and Contract Vehicles in the Public Sector
 
GIS on AWS Deep Dive - AWS Symposium 2014 - Washington D.C.
GIS on AWS Deep Dive - AWS Symposium 2014 - Washington D.C. GIS on AWS Deep Dive - AWS Symposium 2014 - Washington D.C.
GIS on AWS Deep Dive - AWS Symposium 2014 - Washington D.C.
 
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
 
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...
 
Leveraging AWS Partner Network (APN) Resources
Leveraging AWS Partner Network (APN) ResourcesLeveraging AWS Partner Network (APN) Resources
Leveraging AWS Partner Network (APN) Resources
 
AWS as a Data Platform - AWS Symposium 2014 - Washington D.C.
AWS as a Data Platform - AWS Symposium 2014 - Washington D.C. AWS as a Data Platform - AWS Symposium 2014 - Washington D.C.
AWS as a Data Platform - AWS Symposium 2014 - Washington D.C.
 
Continuous Integration and Deployment Best Practices on AWS - AWS Symposium 2...
Continuous Integration and Deployment Best Practices on AWS - AWS Symposium 2...Continuous Integration and Deployment Best Practices on AWS - AWS Symposium 2...
Continuous Integration and Deployment Best Practices on AWS - AWS Symposium 2...
 

Más de Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Más de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Último

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 

Último (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014 - Washington D.C.

  • 1. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Federal Compliance Deep Dive: AWS Public Sector Security Assurance Programs Chris Gile Senior Manager AWS Risk and Compliance cgile@amazon.com
  • 2. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Shared Security Responsibility • AWS & Customers both have security/compliance obligations • Logical assessment & accreditation boundaries Cross-service Controls Service-specific Controls Managed by AWS Managed by Customer Compliance of the Cloud Compliance in the Cloud Cloud Service Provider Controls Optimized Network/OS/App Controls
  • 3. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS FedRAMP Program • AWS has two Agency ATOs granted by HHS; assessment reviewed by HHS, FDA, CDC, and NIH covering: – All AWS US Regions (US East/West, & GovCloud (US)) – EC2, S3, EBS, VPC, IAM – New: Amazon Redshift (US East/West only) • Assessed against all FedRAMP-Moderate controls • Agency ATO packages have reciprocity with federal agencies • AWS will directly field FedRAMP package requests; agencies can still request AWS FedRAMP package from FedRAMP PMO – AWS provides customers a FedRAMP SSP Template, inherited/shared control matrix, as well as FedRAMP package cloud.cio.gov/fedramp/amazon
  • 4. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Building Solutions on AWS • Partners & Agencies can leverage FedRAMP compliant AWS • AWS’s FedRAMP package covers AWS infrastructure and underlying management of services • Partner’s FedRAMP package includes inherited controls; shared controls documents partner’s application/service built on AWS • To support partners we can provide: – Partner FedRAMP package: ATO Letters, CIS spreadsheet, FIPS 199, etc. – SSP Template: Pre-populated with inherited control language, guidance on completing shared controls – ATO Letters as stand-alone documents – Support: Security Solutions Architects, Security Assurance Architects, Professional Services
  • 5. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Documentation Support • AWS Package is specific to the AWS Infrastructure • Partner’s Package is specific to the Partner’s Application or managed services • Inherited v. Shared Controls
  • 6. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS DoD CSM Program • 2/6/14 Provisional Authorization for Levels 1-2 • DISA-managed Cloud Security Model (CSM) • 70 additional control enhancements overlaid on FedRAMP Moderate • Partners have achieved MAC II Sensitive DIACAP ATOs
  • 7. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Certifications & Compliance • AWS Environment – SOC 1/2/3 – ISO 27001 Certification – Payment Card Industry Data Security Standard (PCI DSS) Level 1 Service Provider – FedRAMP (up to Moderate) – AWS GovCloud (US) – ITAR compliant region • Customers have deployed various compliant applications – Sarbanes-Oxley (SOX) – HIPAA (healthcare) – FISMA/FedRAMP (US Federal Government) – DIACAP – up to MAC II Sensitive – International Traffic in Arms Regulations (ITAR)
  • 8. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Customer Resources • Whitepapers – Risk & Compliance Whitepaper – Overview of Security Processes – “Security at Scale” series • Governance in AWS • Logging in AWS • Template – FedRAMP SSP Template • Workbooks – FISMA-High – CJIS
  • 9. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Other Compliance Programs • FISMA-High – Workbook available for partners under NDA – 84 additional control enhancements; 21 inherited, 54 shared, 9 customer • CJIS Workbook – Available under NDA – 121 security requirements; 10 inherited, 87 shared, and 24 customer-responsible requirements • Both are partner-based approaches to build a portfolio of authorizations
  • 10. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Compliance & Security Centers • Answers to many security and compliance questions • Security whitepaper • Risk and Compliance whitepaper • Overview of Security Processes whitepaper • “Security at Scale” whitepaper series • Security bulletins • Customer penetration testing requests • Security best practices • Request more information by contacting us aws.amazon.com/security aws.amazon.com/compliance
  • 11. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Additional AWS Security & Compliance References • https://aws.amazon.com/security • https://aws.amazon.com/compliance • https://aws.amazon.com/compliance/#whitepapers • https://aws.amazon.com/compliance/fedramp-faqs • https://aws.amazon.com/govcloud-us • https://aws.amazon.com/documentation • https://aws.amazon.com/iam awscompliance@amazon.com
  • 12. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Questions?
  • 13. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Thank You Chris Gile cgile@amazon.com