AWS Summit Berlin 2013 - Keynote Steve Schmidt
Stephen Schmidt
VP, Security Engineering
Chief Information Security Officer
Cloud Security is:
• Universal
• Visible
• Auditable
• Transparent
• Shared
• Familiar
Universal Cloud Security
Every Customer Has Access to the Same Security Capabilities, and Gets
to Choose What’s Right for Their Business
• Governments
• Financial Sector
• Pharmaceuticals
• Entertainment
• Start-Ups
• Social Media
• Home Users
• Retail
Visible Cloud Security
AWS allows you to see your entire infrastructure at the click of a mouse. Can you map your current network?
This? Or this?
Auditable Cloud Security
How do you know AWS is right for your business?
- 3rd Party Audits
  • Independent auditors
- Artifacts
  • Plans, Policies and Procedures
- Logs
  • Obtained
  • Retained
  • Analyzed
Transparent Cloud Security
Choose the audit/certification that’s right
for you:
• ISO-27001
• SOC-1, SOC-2
• FedRAMP
• PCI
Security & Compliance Control Objectives
Control Objective 1: Security Organization
• Who we are
• Proper control & access within the organization
Control Objective 2: Amazon User Access
• How we vet our staff
• Minimization of access
Control Objective 3: Logical Security
• Our staff start with no systems access
• Need-based access grants
• Rigorous systems separation
• Systems access grants regularly re-evaluated & automatically revoked
Control Objective 4: Secure Data Handling
• Storage media destroyed before being permitted outside our datacenters
• Media destruction consistent with US Dept. of Defense Directive 5220.22
Control Objective 5: Physical Security and Environmental Safeguards
• Keeping our facilities safe
• Maintaining the physical operating parameters of our datacenters
Control Objective 6: Change Management
• Continuous Operation
Control Objective 7: Data Integrity, Availability and Redundancy
• Ensuring your data remains safe, intact & available
Control Objective 8: Incident Handling
• Processes & procedures for mitigating and managing potential issues
Shared Responsibility
• Let AWS do the heavy lifting
• This is what we do – and we do it all the time
• As the AWS customer you can focus on your business and not be distracted by the muck
AWS
• Facilities
• Physical Security
• Physical Infrastructure
• Network Infrastructure
• Virtualization Infrastructure
Customer
• Choice of Guest OS
• Application Configuration Options
• Account Management flexibility
• Security Groups
• Network ACLs
Physical Security
Distributed Regions – Multiple Availability Zones
(Map of AWS Regions, e.g. Asia Pacific (Sydney))
Network Security
• DDoS attacks defended at the border
• Man in the Middle attacks
• SSL endpoints
• IP Spoofing prohibited
• Port scanning prohibited
• Packet Sniffing prevented
Amazon EC2 Security
Host operating system
• Individual SSH keyed logins via bastion host for AWS admins
• All accesses logged and audited
Guest operating system
• Customer controlled at root level
• AWS admins cannot log in
• Customer-generated keypairs
Stateful firewall
• Mandatory inbound firewall, default deny mode
Signed API calls
• Require X.509 certificate or customer’s secret AWS key
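The "signed API calls" bullet is the property that matters to a defender: every request carries a signature computed with the customer's secret key, so the service can reject a request that was altered in transit, forged without the secret, or captured and replayed later. The following is an added example, not code from the deck or from AWS: a SigV2-style request signature (HMAC-SHA256 keyed with the secret key, over a canonical form of the request) with both the client-side signing and the server-side verification. The access key, secret, host, parameters, clock values and the 15-minute freshness window are all constructed for the example.

```python
"""Signed API calls: HMAC over a canonical request, verified with the secret key.

Added example, not code from the deck or from AWS: a SigV2-style request
signature (HMAC-SHA256 keyed with the customer's secret key), the
secret-key scheme the EC2 slide refers to. The access key, secret, host,
parameters and clock values below are constructed.
"""
import base64
import hashlib
import hmac
from datetime import datetime, timedelta, timezone
from urllib.parse import quote

FRESHNESS_WINDOW = timedelta(minutes=15)  # this example's choice of replay window


def canonical_query(params: dict) -> str:
    """Sort by parameter name and percent-encode everything except RFC 3986
    unreserved characters, so client and server build byte-identical strings."""
    return "&".join(f"{quote(k, safe='-_.~')}={quote(v, safe='-_.~')}"
                    for k, v in sorted(params.items()))


def string_to_sign(method: str, host: str, path: str, params: dict) -> str:
    # Verb, lowercase host, request path and canonical query, newline-separated.
    return "\n".join([method.upper(), host.lower(), path, canonical_query(params)])


def signature(secret_key: str, method: str, host: str, path: str, params: dict) -> str:
    digest = hmac.new(secret_key.encode(),
                      string_to_sign(method, host, path, params).encode(),
                      hashlib.sha256).digest()
    return base64.b64encode(digest).decode()


def sign_request(access_key: str, secret_key: str, method: str, host: str, path: str,
                 params: dict) -> dict:
    """Client side: add identity and scheme parameters, then sign all of them."""
    signed = dict(params, AWSAccessKeyId=access_key,
                  SignatureMethod="HmacSHA256", SignatureVersion="2")
    signed["Signature"] = signature(secret_key, method, host, path, signed)
    return signed


def verify_request(secret_lookup, method: str, host: str, path: str,
                   received: dict, now: datetime) -> bool:
    """Server side: recompute the signature with the secret stored for the claimed
    access key and compare in constant time; reject requests whose signed
    Timestamp is outside the freshness window (an old captured request)."""
    params = dict(received)
    presented = params.pop("Signature", None)
    secret = secret_lookup(params.get("AWSAccessKeyId"))
    if presented is None or secret is None:
        return False
    try:
        ts = datetime.strptime(params["Timestamp"],
                               "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    except (KeyError, ValueError):
        return False
    if abs(now - ts) > FRESHNESS_WINDOW:
        return False
    expected = signature(secret, method, host, path, params)
    return hmac.compare_digest(presented, expected)


def demo() -> dict:
    # Constructed credentials and request; nothing here is a real key or endpoint.
    secrets = {"EXAMPLE-ACCESS-KEY": "example-secret-key-not-a-real-credential"}
    method, host, path = "GET", "api.example.test", "/"
    params = {"Action": "DescribeInstances", "Timestamp": "2013-04-18T10:00:00Z"}
    now = datetime(2013, 4, 18, 10, 5, tzinfo=timezone.utc)

    good = sign_request("EXAMPLE-ACCESS-KEY", secrets["EXAMPLE-ACCESS-KEY"],
                        method, host, path, params)
    tampered = dict(good, Action="TerminateInstances")  # parameter altered after signing
    forged = sign_request("EXAMPLE-ACCESS-KEY", "guessed-secret", method, host, path, params)

    return {
        "valid": verify_request(secrets.get, method, host, path, good, now),
        "tampered": verify_request(secrets.get, method, host, path, tampered, now),
        "forged_without_secret": verify_request(secrets.get, method, host, path, forged, now),
        "replayed_later": verify_request(secrets.get, method, host, path, good,
                                         now + timedelta(hours=1)),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:22s} accepted={accepted}")
```

The design point is that the Timestamp and the identity parameters sit inside the signed string: an attacker who changes any of them invalidates the signature, and `hmac.compare_digest` avoids leaking which byte of the signature first differed. The X.509 alternative from the slide works the same way with a public-key signature in place of the HMAC.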
Amazon Virtual Private Cloud (VPC)
• Create a logically isolated environment in Amazon’s highly scalable infrastructure
• Specify your private IP address range into one or more public or private subnets
• Control inbound and outbound access to and from individual subnets using stateless Network Access Control Lists
• Protect your Instances with stateful filters for inbound and outbound traffic using Security Groups
• Bridge your VPC and your onsite IT infrastructure with an industry standard encrypted VPN connection and/or AWS Direct Connect
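The stateless/stateful distinction on the VPC slide is where practitioners most often get the configuration wrong: a security group remembers an allowed inbound connection and lets the reply out automatically, while a network ACL judges each packet on its own header, so the reply to an allowed HTTPS request is dropped unless an outbound rule for the client's ephemeral port exists. The following is an added example, not code from the deck or from AWS: a small model of both filter types, with numbered NACL rules evaluated lowest-number first, run over a constructed HTTPS request and its reply. All addresses, ports and rules are constructed.

```python
"""Stateful security groups vs stateless network ACLs.

Added example, not code from the deck or from AWS: a small model of the two
filter types the VPC slide names, to show why a stateless NACL needs an explicit
outbound rule for reply traffic (ephemeral ports) that a stateful security
group allows automatically. Every address, port and rule here is constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    direction: str  # "in" = toward the instance, "out" = leaving the instance


def cidr_match(cidr: str, ip: str) -> bool:
    """Simplified CIDR test: only /0 (anything) and /32 (one host) are modelled."""
    prefix, bits = cidr.split("/")
    return bits == "0" or ip == prefix


class SecurityGroup:
    """Stateful, default deny. Inbound rules are (cidr, port). The model keeps
    no outbound rules at all, so every outbound packet it allows below is allowed
    purely because it is the reply to a tracked inbound connection (a real
    security group also has outbound rules, allow-all by default)."""

    def __init__(self, inbound_allow):
        self.inbound_allow = list(inbound_allow)
        self.tracked = set()  # (client_ip, client_port, instance_ip, instance_port)

    def evaluate(self, pkt: Packet) -> str:
        if pkt.direction == "in":
            for cidr, port in self.inbound_allow:
                if cidr_match(cidr, pkt.src) and pkt.dport == port:
                    self.tracked.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
                    return "allow"
            return "deny"
        # Outbound: permitted only as the reply of a connection seen inbound.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.tracked:
            return "allow"
        return "deny"


class NetworkAcl:
    """Stateless. Rules are (number, cidr, low_port, high_port, action), evaluated
    lowest number first per direction, first match wins, implicit deny at the end.
    No connection state: a reply is judged on its own header like any packet."""

    def __init__(self, inbound, outbound):
        self.inbound = sorted(inbound)
        self.outbound = sorted(outbound)

    def evaluate(self, pkt: Packet) -> str:
        rules = self.inbound if pkt.direction == "in" else self.outbound
        remote = pkt.src if pkt.direction == "in" else pkt.dst
        for _num, cidr, low, high, action in rules:
            if cidr_match(cidr, remote) and low <= pkt.dport <= high:
                return action
        return "deny"


def run_scenario() -> dict:
    """A client on the Internet opens HTTPS to an instance; the instance replies."""
    instance, client, blocked = "10.0.1.10", "203.0.113.7", "198.51.100.5"  # constructed
    request = Packet(client, instance, 51000, 443, "in")
    reply = Packet(instance, client, 443, 51000, "out")
    blocked_request = Packet(blocked, instance, 40000, 443, "in")

    sg = SecurityGroup(inbound_allow=[("0.0.0.0/0", 443)])

    inbound = [
        (90, blocked + "/32", 0, 65535, "deny"),  # lower number wins over rule 100
        (100, "0.0.0.0/0", 443, 443, "allow"),
    ]
    # Mistake: outbound only allows port 443, so the reply (dport 51000) is dropped.
    acl_missing_ephemeral = NetworkAcl(inbound, [(100, "0.0.0.0/0", 443, 443, "allow")])
    # Fix: an outbound rule for the ephemeral port range clients pick from.
    acl_fixed = NetworkAcl(inbound, [(100, "0.0.0.0/0", 443, 443, "allow"),
                                     (110, "0.0.0.0/0", 1024, 65535, "allow")])

    return {
        "sg_request": sg.evaluate(request),
        "sg_reply": sg.evaluate(reply),
        "sg_unsolicited_out": sg.evaluate(Packet(instance, client, 443, 52000, "out")),
        "nacl_request": acl_fixed.evaluate(request),
        "nacl_blocked_host": acl_fixed.evaluate(blocked_request),
        "nacl_reply_missing_ephemeral": acl_missing_ephemeral.evaluate(reply),
        "nacl_reply_fixed": acl_fixed.evaluate(reply),
    }


if __name__ == "__main__":
    for name, verdict in run_scenario().items():
        print(f"{name:30s} {verdict}")
```

Two things the run shows that the slide does not: the NACL's explicit deny for one host takes effect only because its rule number is lower than the allow, and the security group refuses an outbound packet that is not the reply to a tracked connection even though it refused nothing on port 443 inbound.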
Amazon VPC - Dedicated Instances
• Option to ensure physical hosts are not shared with other customers
• $10/hr flat fee per Region + small hourly charge
• Can identify specific Instances as dedicated
• Optionally configure entire VPC as dedicated
Customer Challenge: Encryption
Customers have requirements that require them to use specific encryption key management procedures not previously possible on AWS
• Requirements are based on contractual or regulatory mandates for keeping encryption keys stored in a specific manner or with specific access controls
• Good key management is critical
Customers want to run applications and store data in AWS but previously had to retain keys in HSMs in on-premises datacenters
• Applications may slow down due to network latency
• Requires several DCs to provide high availability, disaster recovery and durability of keys
AWS Data Protection Solutions
• AWS offers several data protection mechanisms including access control, encryption, etc.
• AWS CloudHSM complements existing AWS data protection and encryption solutions
• With AWS CloudHSM customers can:
  • Encrypt data inside AWS
  • Store keys in AWS within a Hardware Security Module
  • Decide how to encrypt data – the AWS CloudHSM implements cryptographic functions and key storage for customer applications
  • Use third party validated hardware for key storage
HSM – Hardware Security Module
• A hardware device that performs cryptographic operations and key storage
• Used for strong protection of private keys
• Tamper resistant – keys are protected physically and logically
  – If a tampering attempt is detected, the appliance destroys the keys
• Device administration and security administration are logically separate
  – Physical control of the appliance does not grant access to the keys
• Certified by 3rd parties to comply with government standards for physical and logical security:
  – FIPS 140-2
  – Common Criteria EAL4+
• Example vendors include: SafeNet, Thales
• Historically located in on-premises datacenters
What is AWS CloudHSM?
• Customers receive dedicated access to HSM appliances
• HSMs are physically located in AWS datacenters – in close network
proximity to Amazon EC2 instances
• Physically managed and monitored by AWS, but customers control their
own keys
• HSMs are inside customer’s VPC – dedicated to the customer and
isolated from the rest of the network
AWS CloudHSM Service Highlights
• Secure Key Storage – customers retain control of their own keys and
cryptographic operations on the HSM
• Contractual and Regulatory Compliance – helps customers comply with
the most stringent regulatory and contractual requirements for key
protection
• Reliable and Durable Key Storage – AWS CloudHSMs are located in
multiple Availability Zones and Regions to help customers build highly
available applications that require secure key storage
• Simple and Secure Connectivity – AWS CloudHSMs are in the
customer’s VPC
• Better Application Performance – reduce network latency and increase
the performance of AWS applications that use HSMs
Customer use cases
• Large Silicon Valley company: video DRM
• Start-up document rights management service: enterprise document protection
• Amazon Web Services: Root of trust for Public Key Infrastructure (PKI) authentication system
• Very large financial services organization: Root of trust for key management system for virtual machine authentication & encryption
Key Storage & Secure Operations for AWS
A. AWS manages the HSM appliance but does not have access to customers’ keys
B. Customers control and manage their own keys
C. Application performance improves (due to close network proximity with AWS workloads)
D. Secure key storage in tamper-resistant/tamper-evident hardware available in multiple regions and AZs
E. CloudHSMs are in the customer’s VPC and isolated from other AWS networks
(Diagram: an Application with the HSM Client on an Amazon VPC Instance inside the customer’s Amazon Virtual Private Cloud, connected over SSL to AWS CloudHSM)
On-Premises Integration with AWS CloudHSM
• Customers’ applications continue to use standard crypto APIs (PKCS#11, MS CAPI, JCA/JCE, etc.)
• SafeNet HSM client replaces existing crypto service provider libraries and connects to the HSM to implement API calls in hardware
• SafeNet HSM Client can share load and store keys redundantly across multiple HSMs
• Key material is securely replicated to HSM(s) in the customer’s datacenter
(Diagram: the Application and HSM Client on an Amazon VPC Instance connect over SSL to AWS CloudHSM in the Amazon Virtual Private Cloud and, via VPN over the Internet or AWS Direct Connect, to an HSM in the Corporate Datacenter)
AWS Deployment Models

| Deployment model | Logical Server and Application Isolation | Granular Information Access Policy | Logical Network Isolation | Physical Server Isolation | Government Only Physical Network and Facility Isolation | ITAR Compliant (US Persons Only) | Sample Workloads |
| Commercial Cloud | ✓ | ✓ | | | | | Public facing apps, web sites, dev/test, etc. |
| Virtual Private Cloud (VPC) | ✓ | ✓ | ✓ | ✓ | | | Data Center extension, TIC environment, email, FISMA Low and Moderate |
| AWS GovCloud (US) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | US Persons Compliant and Government Specific Apps |
AWS Security Resources
• http://aws.amazon.com/security/
• Security Whitepaper
• Risk and Compliance Whitepaper
• Regularly Updated
• Feedback is welcome
Thank you.

 
Hotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructure
Hotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructureHotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructure
Hotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructure
 
Wild Rydes with Big Data/Kinesis focus: AWS Serverless Workshop
Wild Rydes with Big Data/Kinesis focus: AWS Serverless WorkshopWild Rydes with Big Data/Kinesis focus: AWS Serverless Workshop
Wild Rydes with Big Data/Kinesis focus: AWS Serverless Workshop
 
Log Analytics with AWS
Log Analytics with AWSLog Analytics with AWS
Log Analytics with AWS
 
Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS
Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS
Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS
 
AWS Programme für Nonprofits
AWS Programme für NonprofitsAWS Programme für Nonprofits
AWS Programme für Nonprofits
 
Microservices and Data Design
Microservices and Data DesignMicroservices and Data Design
Microservices and Data Design
 
Serverless vs. Developers – the real crash
Serverless vs. Developers – the real crashServerless vs. Developers – the real crash
Serverless vs. Developers – the real crash
 
Query your data in S3 with SQL and optimize for cost and performance
Query your data in S3 with SQL and optimize for cost and performanceQuery your data in S3 with SQL and optimize for cost and performance
Query your data in S3 with SQL and optimize for cost and performance
 
Secret Management with Hashicorp’s Vault
Secret Management with Hashicorp’s VaultSecret Management with Hashicorp’s Vault
Secret Management with Hashicorp’s Vault
 
EKS Workshop
 EKS Workshop EKS Workshop
EKS Workshop
 
Scale to Infinity with ECS
Scale to Infinity with ECSScale to Infinity with ECS
Scale to Infinity with ECS
 
Containers on AWS - State of the Union
Containers on AWS - State of the UnionContainers on AWS - State of the Union
Containers on AWS - State of the Union
 
Deploying and Scaling Your First Cloud Application with Amazon Lightsail
Deploying and Scaling Your First Cloud Application with Amazon LightsailDeploying and Scaling Your First Cloud Application with Amazon Lightsail
Deploying and Scaling Your First Cloud Application with Amazon Lightsail
 

Último

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 

Último (20)

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 

AWS Summit Berlin 2013 - Keynote Steve Schmidt

10. Security & Compliance Control Objectives
Control Objective 6: Change Management
• Continuous Operation
Control Objective 7: Data Integrity, Availability and Redundancy
• Ensuring your data remains safe, intact & available
Control Objective 8: Incident Handling
• Processes & procedures for mitigating and managing potential issues

11. Shared Responsibility
• Let AWS do the heavy lifting
• This is what we do – and we do it all the time
• As the AWS customer you can focus on your business and not be distracted by the muck
AWS
• Facilities
• Physical Security
• Physical Infrastructure
• Network Infrastructure
• Virtualization Infrastructure
Customer
• Choice of Guest OS
• Application Configuration Options
• Account Management flexibility
• Security Groups
• Network ACLs

12. Physical Security
Distributed Regions – Multiple Availability Zones
(Region map; label: Asia Pacific (Sydney))

13. Network Security
• DDoS attacks defended at the border
• Man in the Middle attacks
• SSL endpoints
• IP Spoofing prohibited
• Port scanning prohibited
• Packet Sniffing prevented

14. Amazon EC2 Security
Host operating system
• Individual SSH keyed logins via bastion host for AWS admins
• All accesses logged and audited
Guest operating system
• Customer controlled at root level
• AWS admins cannot log in
• Customer-generated keypairs
Stateful firewall
• Mandatory inbound firewall, default deny mode
Signed API calls
• Require X.509 certificate or customer’s secret AWS key
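The "Signed API calls" bullet is the one place the deck touches how a request is authenticated with the customer's secret key, without showing the mechanism. The following is an added example written for this page, not AWS's own signing code (AWS uses Signature Version 4, whose canonicalization differs): it signs a constructed request with an HMAC over a canonical form of the request, then shows the verifier accepting the genuine request and rejecting a tampered parameter, a wrong key and a stale replay. The secret key, timestamp and query parameters are constructed sample values.

```python
"""Added example: HMAC-based signing and verification of API requests.

Illustrative code written for this page, not AWS's signing implementation
(AWS Signature Version 4 canonicalizes requests differently). The secret
key, timestamp and request parameters below are constructed sample values.
"""
import hashlib
import hmac
from urllib.parse import urlencode

# Constructed sample secret (hypothetical, not a real AWS key).
SECRET_KEY = b"constructed-secret-key-do-not-reuse"
MAX_SKEW_SECONDS = 300  # reject signatures whose timestamp is older than 5 minutes


def canonical_request(method: str, path: str, params: dict, timestamp: int) -> str:
    """Build a canonical string so signer and verifier hash identical bytes.

    Parameters are sorted so their order cannot change the signature, and
    the timestamp is bound into the signed material.
    """
    query = urlencode(sorted(params.items()))
    return "\n".join([method.upper(), path, query, str(timestamp)])


def sign_request(method: str, path: str, params: dict, timestamp: int,
                 secret_key: bytes = SECRET_KEY) -> str:
    """Return the hex HMAC-SHA256 tag over the canonical request."""
    msg = canonical_request(method, path, params, timestamp).encode()
    return hmac.new(secret_key, msg, hashlib.sha256).hexdigest()


def verify_request(method: str, path: str, params: dict, timestamp: int,
                   signature: str, now: int,
                   secret_key: bytes = SECRET_KEY) -> bool:
    """Server-side check: recompute the tag and compare in constant time.

    Stale timestamps are rejected so a captured, validly signed request
    cannot simply be replayed later.
    """
    if abs(now - timestamp) > MAX_SKEW_SECONDS:
        return False
    expected = sign_request(method, path, params, timestamp, secret_key)
    return hmac.compare_digest(expected, signature)


def demo() -> dict:
    """Sign one constructed request, then show which changes the verifier rejects."""
    ts = 1_700_000_000  # constructed fixed timestamp for reproducibility
    params = {"Action": "DescribeInstances", "Version": "2013-02-01"}  # constructed
    sig = sign_request("GET", "/", params, ts)

    return {
        "genuine": verify_request("GET", "/", params, ts, sig, now=ts + 10),
        # Changing any parameter invalidates the signature.
        "tampered_action": verify_request(
            "GET", "/", {**params, "Action": "TerminateInstances"}, ts, sig, now=ts + 10),
        # Reordering parameters does not, because canonicalization sorts them.
        "reordered": verify_request(
            "GET", "/", dict(reversed(list(params.items()))), ts, sig, now=ts + 10),
        # A different key, and a replay long after signing, are both rejected.
        "wrong_key": verify_request("GET", "/", params, ts, sig, now=ts + 10,
                                    secret_key=b"another-constructed-key"),
        "replayed_later": verify_request("GET", "/", params, ts, sig, now=ts + 3600),
    }


if __name__ == "__main__":
    for check, accepted in demo().items():
        print(f"{check:16s} accepted={accepted}")
```

The two properties a practitioner should take from this are that the signature binds every parameter and the timestamp (so a captured request cannot be altered or replayed) and that the verifier compares tags with `hmac.compare_digest` rather than `==`, which avoids leaking the expected tag through timing.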
15. Amazon Virtual Private Cloud (VPC)
• Create a logically isolated environment in Amazon’s highly scalable infrastructure
• Specify your private IP address range into one or more public or private subnets
• Control inbound and outbound access to and from individual subnets using stateless Network Access Control Lists
• Protect your Instances with stateful filters for inbound and outbound traffic using Security Groups
• Bridge your VPC and your onsite IT infrastructure with an industry standard encrypted VPN connection and/or AWS Direct Connect
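The slide contrasts stateless Network ACLs with stateful Security Groups but does not show what the difference means for real traffic. The simulation below is an added example, not AWS code, and models only port-range rules on a constructed three-packet trace: it shows that a stateless filter drops the server's reply to an allowed outbound connection unless an explicit inbound rule covers the ephemeral port range, that the stateful filter admits the reply because it tracks the flow, and that neither admits an unsolicited inbound connection.

```python
"""Added example: why a stateless NACL and a stateful security group treat
the same traffic differently.

Illustrative simulation written for this page; it is not AWS code and does
not model every VPC rule semantic (rule numbers, CIDR matching, ICMP).
Both filters see the same constructed packet trace: an instance opens a TCP
connection to a web server, the server replies, and an outsider probes SSH.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" (toward the instance) or "out" (from the instance)
    proto: str
    src_port: int
    dst_port: int


@dataclass(frozen=True)
class Rule:
    direction: str
    proto: str
    port_range: tuple  # inclusive (low, high) range on the destination port


def _matches(rule: Rule, pkt: Packet) -> bool:
    return (rule.direction == pkt.direction and rule.proto == pkt.proto
            and rule.port_range[0] <= pkt.dst_port <= rule.port_range[1])


class StatelessNACL:
    """Evaluates every packet in isolation; default is deny.

    With no connection table, return traffic must be permitted by an
    explicit inbound rule on the ephemeral port range.
    """

    def __init__(self, rules):
        self.rules = list(rules)

    def allows(self, pkt: Packet) -> bool:
        return any(_matches(r, pkt) for r in self.rules)


class StatefulSecurityGroup:
    """Tracks connections: a reply to an allowed outbound flow is admitted
    even though no inbound rule matches it.
    """

    def __init__(self, rules):
        self.rules = list(rules)
        self.tracked = set()  # (proto, instance_port, peer_port) of allowed flows

    def allows(self, pkt: Packet) -> bool:
        if pkt.direction == "out":
            flow = (pkt.proto, pkt.src_port, pkt.dst_port)
        else:
            flow = (pkt.proto, pkt.dst_port, pkt.src_port)
        if flow in self.tracked:
            return True
        if any(_matches(r, pkt) for r in self.rules):
            self.tracked.add(flow)
            return True
        return False


# Constructed trace: the instance (ephemeral port 49152) talks to port 443.
TRACE = [
    Packet("out", "tcp", 49152, 443),   # SYN from the instance
    Packet("in",  "tcp", 443, 49152),   # SYN/ACK reply from the server
    Packet("in",  "tcp", 51234, 22),    # unsolicited SSH attempt from outside
]


def evaluate(filt) -> list:
    """Return the allow/deny verdict for each packet in TRACE, in order."""
    return [filt.allows(p) for p in TRACE]


def compare() -> dict:
    # Both filters allow outbound HTTPS only; no inbound rule for the reply.
    egress_only = [Rule("out", "tcp", (443, 443))]
    sg = StatefulSecurityGroup(egress_only)
    nacl_without_return_rule = StatelessNACL(egress_only)
    # The NACL needs an explicit inbound rule covering the ephemeral range.
    nacl_with_return_rule = StatelessNACL(
        egress_only + [Rule("in", "tcp", (32768, 65535))])
    return {
        "security_group": evaluate(sg),
        "nacl_without_return_rule": evaluate(nacl_without_return_rule),
        "nacl_with_return_rule": evaluate(nacl_with_return_rule),
    }


if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(f"{name:26s} {verdicts}")
```

The misconfiguration this reproduces is the common one: a subnet NACL that mirrors a security group's rules one-for-one silently breaks return traffic, and the fix is an inbound ephemeral-port allow on the NACL while the security group stays tightly scoped.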
16. Amazon VPC - Dedicated Instances
• Option to ensure physical hosts are not shared with other customers
• $10/hr flat fee per Region + small hourly charge
• Can identify specific Instances as dedicated
• Optionally configure entire VPC as dedicated

17. Customer Challenge: Encryption
Customers have requirements that require them to use specific encryption key management procedures not previously possible on AWS
• Requirements are based on contractual or regulatory mandates for keeping encryption keys stored in a specific manner or with specific access controls
• Good key management is critical
Customers want to run applications and store data in AWS but previously had to retain keys in HSMs in on-premises datacenters
• Applications may slow down due to network latency
• Requires several DCs to provide high availability, disaster recovery and durability of keys

18. AWS Data Protection Solutions
• AWS offers several data protection mechanisms including access control, encryption, etc.
• AWS CloudHSM complements existing AWS data protection and encryption solutions
• With AWS CloudHSM customers can:
• Encrypt data inside AWS
• Store keys in AWS within a Hardware Security Module
• Decide how to encrypt data – the AWS CloudHSM implements cryptographic functions and key storage for customer applications
• Use third party validated hardware for key storage

19. HSM – Hardware Security Module
• A hardware device that performs cryptographic operations and key storage
• Used for strong protection of private keys
• Tamper resistant – keys are protected physically and logically
– If a tampering attempt is detected, the appliance destroys the keys
• Device administration and security administration are logically separate
– Physical control of the appliance does not grant access to the keys
• Certified by 3rd parties to comply with government standards for physical and logical security:
– FIPS 140-2
– Common Criteria EAL4+
• Example vendors include: SafeNet, Thales
• Historically located in on-premises datacenters

20. What is AWS CloudHSM?
• Customers receive dedicated access to HSM appliances
• HSMs are physically located in AWS datacenters – in close network proximity to Amazon EC2 instances
• Physically managed and monitored by AWS, but customers control their own keys
• HSMs are inside customer’s VPC – dedicated to the customer and isolated from the rest of the network

21. AWS CloudHSM Service Highlights
• Secure Key Storage – customers retain control of their own keys and cryptographic operations on the HSM
• Contractual and Regulatory Compliance – helps customers comply with the most stringent regulatory and contractual requirements for key protection
• Reliable and Durable Key Storage – AWS CloudHSMs are located in multiple Availability Zones and Regions to help customers build highly available applications that require secure key storage
• Simple and Secure Connectivity – AWS CloudHSMs are in the customer’s VPC
• Better Application Performance – reduce network latency and increase the performance of AWS applications that use HSMs

22. Customer use cases
• Large Silicon Valley company: video DRM
• Start-up document rights management service: enterprise document protection
• Amazon Web Services: Root of trust for Public Key Infrastructure (PKI) authentication system
• Very large financial services organization: Root of trust for key management system for virtual machine authentication & encryption

23. Key Storage & Secure Operations for AWS
A. AWS manages the HSM appliance but does not have access to customers’ keys
B. Customers control and manage their own keys
C. Application performance improves (due to close network proximity with AWS workloads)
D. Secure key storage in tamper-resistant/tamper-evident hardware available in multiple regions and AZs
E. CloudHSMs are in the customer’s VPC and isolated from other AWS networks
(Diagram labels: AWS, Amazon Virtual Private Cloud, Amazon VPC Instance, Application, HSM Client, SSL, AWS CloudHSM)

24. On-Premises Integration with AWS CloudHSM
• Customers’ applications continue to use standard crypto APIs (PKCS#11, MS CAPI, JCA/JCE, etc.)
• SafeNet HSM client replaces existing crypto service provider libraries and connects to the HSM to implement API calls in hardware
• SafeNet HSM Client can share load and store keys redundantly across multiple HSMs
• Key material is securely replicated to HSM(s) in the customer’s datacenter
(Diagram labels: AWS, Amazon Virtual Private Cloud, Amazon VPC Instance, Application, HSM Client, SSL, AWS CloudHSM, Corporate Datacenter, HSM, VPN, Internet, AWS Direct Connect)

25. AWS Deployment Models
Isolation capabilities compared: Logical Server and Application Isolation; Granular Information Access Policy; Logical Network Isolation; Physical Server Isolation; Government Only Physical Network and Facility Isolation; ITAR Compliant (US Persons Only)
Commercial Cloud
• Logical Server and Application Isolation; Granular Information Access Policy
• Sample workloads: Public facing apps, web sites, dev/test etc.
Virtual Private Cloud (VPC)
• Logical Server and Application Isolation; Granular Information Access Policy; Logical Network Isolation; Physical Server Isolation
• Sample workloads: Data Center extension, TIC environment, email, FISMA Low and Moderate
AWS GovCloud (US)
• All of the above, plus Government Only Physical Network and Facility Isolation and ITAR Compliant (US Persons Only)
• Sample workloads: US Persons Compliant and Government Specific Apps.

26. AWS Security Resources
• http://aws.amazon.com/security/
• Security Whitepaper
• Risk and Compliance Whitepaper
• Regularly Updated
• Feedback is welcome