1. AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015
AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015
AWS GovCloud (US) – A Deep Dive
into Compliance
Chris Gile
AWS Sr Manager, Security Assurance
3. AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015
ITAR
FedRAMP
DoD SRG
CJIS
HIPAA
4. AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015
April 9, 2015
Cross-service Controls
Service-specific Controls
Compliance
of the Cloud
Compliance
in the Cloud
Cloud Service Provider
Controls
Optimized Network/OS/App
Controls
5. AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015
April 9, 2015
Controlled disclosure
Records retention
Internal Monitoring
Training & Awareness
ITAR
6. AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015
April 9, 2015
FedRAMP
AWS GovCloud (US)
S3EC2
IAM
EBS
VPC Redshift
Glacier
EMRDynamoDB
RDS:
Oracle
MySQLScope of services
https://aws.amazon.com/compliance/fedramp-faqs
7. AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015
April 9, 2015
FedRAMP
Requirements
Documentation &
Assessments
Authorizations
8. AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015
April 9, 2015
DoD SRG
Cloud Computing Security Requirements Guide (SRG)
+
https://aws.amazon.com/compliance/dod
SRG:
Level 2
Level 4
Level 5
Level 6 (SIPRNet)
CSM:
Level 1-2
Level 3-5
Level 6 (SIPRNet)
9. AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015
April 9, 2015
Criminal Justice Information Services (CJIS)
CJIS
CJIS Security Policy Resources AWS Services
https://aws.amazon.com/compliance/cjis
10. AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015
April 9, 2015
HIPAA
Requirements - BAA AWS Services Resources
https://aws.amazon.com/compliance/hipaa-compliance
12. AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015
AWS Security Assurance (Compliance) Resources
Compliance Center Website: https://aws.amazon.com/compliance
Security Center: https://aws.amazon.com/security
Security Blog: https://blogs.aws.amazon.com/security/
Team Email: awscompliance@amazon.com
13. AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015
Thank You.
This presentation will be loaded to SlideShare the week following the Symposium.
http://www.slideshare.net/AmazonWebServices
AWS Government, Education, and Nonprofit Symposium
Washington, DC I June 25-26, 2015