2. AWS Government, Education, and Nonprofit Symposium
Washington, DC | June 25-26, 2015
AWS/FedRAMP Updates
• 2015 AWS FedRAMP Package Transition to NIST SP 800-53, Revision 4
• New services ready for FedRAMP
• 2015 AWS/FedRAMP High Baseline Pilot
• AWS/FedRAMP Continuous Monitoring
• AWS/FedRAMP TIC Overlay Pilot
7. AWS/FedRAMP TIC-Overlay Pilot
Agency Sponsor: GSA 18F/FedRAMP
[Timeline figure, May, June, July, August. Labels: AWS/FedRAMP-TIC Pilot Kick Off; TIC Capabilities Control Review; 3PAO Test Cases; Testing; AWS/TIC Overlay Assessment Report; TIC Ready; AWS/FedRAMP TIC Overlay Report]
8. Amazon VPC architecture
[Figure labels: customer's network; Amazon Web Services cloud; isolated AWS customer resources; subnets (private, private, private); router; VPN gateway; Internet; TIC provider; secure circuit; secure VPN connection over the Internet or Direct Connect]
9. Amazon VPC Architecture
[Figure labels: customer's network; Amazon Web Services cloud; isolated AWS customer resources; subnets (private, private, private); router; VPN gateway; Internet; TIC provider; secure circuit; secure VPN connection over the Internet or Direct Connect]
10. Achieving TIC Capabilities with AWS
[Figure labels: production VPC; management VPC; VPC peering; Availability Zone #1; Availability Zone #2; Web; App; App server; RDS; RDS snapshots; fixed content; CloudWatch; RDP; AD; customer gateway; End Users; CloudTrail; CloudTrail logs; IAM]
11. Thank You.
This presentation will be loaded to SlideShare the week following the Symposium.
http://www.slideshare.net/AmazonWebServices
Editor's Notes
Why is TIC important?
What is the AWS/FedRAMP TIC Overlay Pilot?
What does this mean for AWS customers?
AWS has achieved a number of internationally recognized certifications and accreditations, demonstrating compliance with third-party assurance frameworks such as ISO 27001, PCI, SOC 1/2/3, HIPAA, FedRAMP/FISMA and most recently DoD CSM level 1 &. We are constantly listening to customers and looking into other certifications, such as the FedRAMP-TIC Overlay.
AWS customers already have access to various security features that can be used to secure their applications in AWS and help enforce TIC capabilities.
Just to name a few: AWS customers can use AWS IAM (establish or restrict user roles/permissions to AWS resources), AWS Direct Connect (establish a private connection between AWS and federal agency customers), and AWS CloudTrail, which logs API activity and outputs to an S3 bucket where it can be analyzed with a number of security tools.
The AWS/FedRAMP-TIC Overlay Pilot assessment will demonstrate TIC compliance, enabling AWS federal customers to achieve TIC capabilities under the AWS FedRAMP Certification.
This pilot will enable AWS customers to enforce TIC capabilities to achieve compliance in the cloud, in addition to leveraging one AWS FedRAMP-TIC compliant security package in order to accelerate their mission critical workloads onto AWS.
Good over –
Options speak softly
Like presentation (benefits)
Last- too small
How AWS- seasonal business and peak times scale up core competencies
How big is AWS – customer numbers try leading give you example over 1 mil, within our public sector we have 1500
We can service tie w/in region
For Partner/SI - add examples (Market place)
Send to Ann Marie
Public Sector – 1500
Working ways in customer example (customer – public reference (Ann – 1) award nomination, 2) press stories w/ PA 3)no endorsing AWS) and Carina (case studies/videos/quote/ marketing customer has sign release forms)
Benefits (FDA Story – innovation 280 – 580), encryption
How do we innovate –
Do we have a data center (we areas called region, within az we have datacenters
Greenpeace - we disagree with the reports and carbon neutral regions (GovCloud) 25% green and goal of 40% for 2016 and windfarm (green energy)
CIA access – That is not correct (Say it) say is not true
Competitors- (we don’t focus on our competitors and we focus on customers and the point on competitor the value proposition services head (reference)
Who would not use – customers FINRA,
Is there anything you want to add – leave some compliance blog – security leave the people
Working on the track – Government folks
About a program