Maintaining a compliant environment is critical for regulated industries such as healthcare, but with the advent of GDPR and other regional data privacy frameworks, compliance is becoming just another cost of doing business. In this session, we dive deep into how Cloudticity built the Cloudticity Oxygen managed services framework as an example of what a compliance framework looks like and how maintaining a compliant posture—and being able to prove that to auditors and regulators—can and should be a native part of your infrastructure. Compliance doesn't need to be something you add on. It should be deeply ingrained in your environment. Learn specific AWS services and techniques to track and maintain compliance in a fully automated manner directly from Cloudticity's founder. This session is brought to you by AWS partner, Cloudticity.

2. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automating Compliance on AWS
Gerry Miller
Founder & CEO
Cloudticity
H L C 3 0 2 - S - i

3. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Agenda
The need for compliance
Compliance frameworks
The value of automation
Wrap up
AWS services that can help

4. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for compliance

5. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for compliance

6. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for compliance
477
Source: 2017 Protenus/DataBreaches Breach Barometer Report

7. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for compliance
110,000,000
Source: 2017 Protenus/DataBreaches Breach Barometer Report

8. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for compliance
1 / 3

9. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for compliance
10X

10. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for compliance
320%

11. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for compliance
50%

12. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for compliance
2/3

13. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for compliance

14. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for compliance

15. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for compliance

16. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for continuous compliance

17. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for continuous compliance

18. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for continuous compliance

19. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The need for continuous compliance

20. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Compliance frameworks

21. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Compliance frameworks

22. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Compliance frameworks

23. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Demo: Automated account creation

24. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automated account creation

25. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Standardized AWS services

26. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Standardized AWS services

27. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Standardized AWS services
Standardized account configuration
Standardized deployment
Supporting services
Standardized account usage

28. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Standardized account configuration
VPC
Availability zone 1 Availability zone 2
Public subnet
Private subnet
Auto Scaling group
EC2 Instances
Public subnet
Private subnet
EC2 Instances
NAT gateway NAT gateway
Flow logs

29. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Standardized AWS services that can help
AMI

30. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Standardized AWS services that can help

31. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Standardized AWS services that can help

32. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Demo: Compliance dashboard

33. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
VPC flow log analytics

34. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Compliance dashboard

35. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
How automation helps compliance

36. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The value of automation
Carbon Siliconversus

37. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Demo: Automated remediations

38. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automated remediations

39. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Demo: Automated golden AMIs

40. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automated golden AMIs

41. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automated golden AMIs

42. Thank you!
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Gerry Miller
gerry@cloudticity.com

43. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.