AWS/FedRAMP Updates and TIC Overlay Pilot
•Transferir como PPTX, PDF•
3 gostaram•3,466 visualizações
Note
Recomendados
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Destaque
Destaque (20)
Semelhante a AWS/FedRAMP Updates and TIC Overlay Pilot
Semelhante a AWS/FedRAMP Updates and TIC Overlay Pilot (20)
Mais de Amazon Web Services
Mais de Amazon Web Services (20)
Último
Último (20)
AWS/FedRAMP Updates and TIC Overlay Pilot
- 1. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 An Update on the AWS/FedRAMP TIC Overlay Pilot Sara Mosely, US DHS TIC Program Manager Matthew Goodrich, FedRAMP Director Jennifer Gray, AWS US Public Sector Compliance Architect ©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved.
- 2. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 AWS/FedRAMP Updates • 2015 AWS FedRAMP Package Transition to NIST SP 800-53, Revision 4 • New services ready for FedRAMP • 2015 AWS/FedRAMP High Baseline Pilot • AWS/FedRAMP Continuous Monitoring • AWS/FedRAMP TIC Overlay Pilot
- 3. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
- 4. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
- 5. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
- 6. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
- 7. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 AWS/FedRAMP TIC-Overlay Pilot Agency Sponsor GSA 18F/FedRAMP AWS/FedRAMP-TIC Pilot Kick Off TIC Capabilities Control Review 3PAO Test Cases Testing AWS/TIC Overlay Assessment Report TIC Ready AWS/FedRAMP TIC Overlay Report May July AugustJune
- 8. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 customer’s network Amazon Web Services cloud subnets isolated AWS customer resources Amazon VPC architecture router VPN gateway private private private Internet TIC provider secure circuit secure VPN connection over the Internet or Direct Connect
- 9. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 customer’s network Amazon Web Services cloud subnets isolated AWS customer resources Amazon VPC Architecture router VPN gateway private private private Internet TIC provider secure circuit secure VPN connection over the Internet or Direct Connect
- 10. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 AvailabilityZone#2 App server CloudWatch RDS snapshots fixed content App App Web Web RDS RDS Availability Zone #1 AvailabilityZone#2 Availability Zone #1 RDP RDP AD AD customer gateway production VPC management VPC End Users VPC peering CloudTrail logsIAM Achieving TIC Capabilities with AWS CloudTrail
- 11. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Thank You. This presentation will be loaded to SlideShare the week following the Symposium. http://www.slideshare.net/AmazonWebServices AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015
Notas do Editor
- Why is TIC important? What is the AWS/FedRAMP TIC Overlay Pilot? What does this mean for AWS customers?
- What does this mean for AWS customers? AWS has achieved a number of internationally recognized certifications and accreditations, demonstrating compliance with 3rd party assurance frameworks such as ISO 27001, PCI, SOC 1/2/3, HIPAA, FedRAMP/FISMA and most recently DD CSM level 1 &. We are constantly listening to customers to and look into other certifications, such as the FedRAMP-TIC Overlay. AWS Customers already have access various security features that can be used to secure their application in AWS and help enforce TIC capabilities. Just to name a few AWS Customers can use AWS IAM (establish or restrict user roles/permissions to AWS resources), AWS Direct Connect (establish private connection between AWS and federal agency customers), AWS cloudtrail that logs API activity and outputs to an S3 bucket where it can be analyzed with a number of security tools. The AWS/FedRAMP-TIC Overlay Pilot assessment will demonstrate TIC compliance enabling AWS federal customers to achieve TIC capabilities under the AWS FedRAMP Certification. This pilot will enable AWS customers to enforce TIC capabilities to achieve compliance in the cloud, in addition to leveraging one AWS FedRAMP-TIC compliant security package in order to accelerate their mission critical workloads onto AWS.
- Good over – Options speak softly Like presentation (beneftis) Last- too small How AWS- seasonal business and peak times scale up core competencies How big is AWS – customer numbers try leading give you example over 1 mil, within our public sector we have 1500 We can service tie w/in region For Partner/SI - add examples (Market place) Send to Ann Marie Public Sector – 1500 Working ways in customer example (customer – public reference (Ann – 1) award nomination, 2) press stories w/ PA 3)no endorsing AWS) and Carina (case studies/videos/quote/ marketing customer has sign release forms) Benefits (FDA Story – innovation 280 – 580), encryption How do we innovate – Do we have a data center (we areas called region, within az we have datacenters Greenpeace - we disagree with the reports and carbon neutral regions (GovCloud) 25% green and goal of 40% for 2016 and windfarm (green energy) CIA access – That is not correct (Say it) say is not true Competitors- (we don’t focus on our competitors and we focus on customers and the point on competitor the value propisiton services head (reference) Who would not use – customers FIRNA, Is there anything you want to add – leave some compliance blog – security leave the people Working on the track – Government folks About a program