© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Navigating GDPR
Compliance on AWS
Diego Natali
AWS Solutions Architect
What is the GDPR?
• The “GDPR” is the General Data Protection Regulation, a significant new
EU Data Protection Regulation
• Introduces robust requirements that will raise and harmonize standards
for data protection, security, and compliance across the EU
• The GDPR is enforceable May 25, 2018 and it replaces the EU Data
Protection Directive (Directive 95/46/EC)
• In scope: organizations established in the EU and organizations without
an EU presence who target or monitor EU individuals
Content versus Personal Data
Content = anything that a customer (or any user) stores, or processes using AWS services, including: Software ǀ Data ǀ Text ǀ Audio ǀ Video
Personal data = information from which a living individual may be identified or identifiable (under EU data protection law)
Customer’s “content” might include “personal data”
Data Controller vs Data Processor
Data Controller = determines the purposes and means of the processing of personal data
Data Processor = processes personal data on behalf of the controller
What Else Comes with GDPR?
• The right to data portability: Individuals have the right to a copy of all the personal data that controllers have regarding them. It also must be provided in a way that facilitates reuse.
• The right to be forgotten: This gives individuals the right to have certain personal data deleted so third parties can no longer trace them.
• Privacy by design: This helps to facilitate the inclusion of policies, guidelines, and work instructions related to data protection in the earliest stages of projects including personal data.
• Data breach notification: Controllers must report personal data breaches to the relevant supervisory authority within 72 hours. If there is a high risk to the rights and freedoms of data subjects, they must also notify the data subjects.
How AWS Can Help Customers
Achieve GDPR Compliance
Data Protection—A Shared Responsibility
Managed by AWS customers:
• Customer data
• Platform and application management
• Operating system, network, and firewall configuration
• Client-side data encryption and data integrity authentication
• Server-side encryption (file system and/or data)
• Network traffic protection (encryption/integrity/identity)
• Optional—opaque data: 0s and 1s (in transit/at rest)
Managed by AWS:
• Foundation Services: Compute, Storage, Databases, Networking
• AWS Global Infrastructure: Regions, Availability zones, Edge locations
• AWS endpoints
Diagram side labels: Customer IAM ǀ AWS IAM
Data Protection—A Shared Responsibility
Controllers and processors have obligations under GDPR
• Data subjects ǀ Customer as controller ǀ AWS as processor
• Data subjects ǀ Customer’s customer as controller ǀ Customer as processor ǀ AWS as processor
GDPR is Also a Shared Responsibility
• Legal Compliance (Both controllers and processors)
• System Security and Data Protection by Design (Both controllers and processors; AWS has tooling to help)
• Records of Processing Activities (Both controllers and processors; AWS has tooling to help)
• Encryption (Both controllers and processors; AWS has tooling to help)
• Security of Personal Data (Controller responsibility)
• Managing Data Subject Consent (Controller responsibility)
• Managing Personal Data Deletion (Both controllers and processors; AWS has tooling to help)
• Managing Personal Data Portability (Controller responsibility)
GDPR in Practice: Implementing TOMs
Under GDPR, Controllers and Processors are required to implement appropriate Technical and Organizational Measures (“TOMs”)…
1. Pseudonymization and encryption of personal data
2. Ensure ongoing confidentiality, integrity, availability, and resilience of processing systems and services
3. Ability to restore availability and access to personal data in a timely manner in the event of a physical or technical incident
4. Process for regularly testing, assessing, and evaluating the effectiveness of TOMs
AWS Services Already Comply with the GDPR
AWS completed the entirety of our GDPR service readiness audit on
March 26, 2018—validating that all generally available services and
features adhere to the high privacy bar and data protection standards
required of data processors by the GDPR.
What does this mean to you?
Customers can deploy AWS services as a key part of their GDPR
compliance plans.
Implementing TOMs—What AWS Provides to You
Tools and services ǀ Compliance framework ǀ Partner network ǀ Data protection terms
Implementing TOMs with AWS Services
“Security of processing” ǀ “Data protection by design and default” ǀ “Records of processing activities”
Services shown: AWS Storage Gateway, Amazon Virtual Private Cloud (VPC), Amazon API Gateway, AWS KMS, AWS CloudHSM, Amazon S3 Server-Side Encryption, AWS Identity and Access Management, AWS CloudFormation, AWS WAF, Amazon CloudWatch, AWS CloudTrail, AWS Config
Implementing TOMs with AWS Services—Examples
Data access control ǀ Monitoring of access activities ǀ Data encryption ǀ Strong compliance framework
The controller “shall implement appropriate technical and organizational measures for ensuring that, by default, only personal data that are necessary for each specific purpose of the processing are processed.”
• AWS Identity and Access Management
• API-Request Authentication
• Temporary Access Tokens
Implementing TOMs with AWS Services
Data Access Control
Diagram labels: IAM User ǀ IAM/STS ǀ Resources ǀ Parent account ǀ Child account
1. Authenticate with access keys
2. Pass MFA info to get temporary security credentials
3. Call AWS APIs using temporary security credentials
Implementing TOMs with AWS Services—Examples
Data access control ǀ Monitoring of access activities ǀ Data encryption ǀ Strong compliance framework
“Each controller and, where applicable, the controller’s representative, shall maintain a record of processing activities under their responsibility.”
• AWS CloudTrail
• Amazon Inspector
• Amazon Macie
• AWS Config
Implementing TOMs with AWS Services
Monitoring of access activities—AWS CloudTrail
Diagram labels: Management console ǀ CLI ǀ SDK ǀ AWS resources ǀ AWS CloudTrail ǀ S3 Bucket ǀ Amazon CloudWatch
Archive and audit ǀ Troubleshoot ǀ Monitor, alarm, and react
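The access-key, MFA and temporary-credential flow from the Data Access Control slide can be verified from the CloudTrail records described here. The following Python check is an added example, not part of the original deck: it flags API calls made directly with long-term access keys or from sessions that did not use MFA. The function names, principals, account ID and sample records are constructed assumptions; the `userIdentity` fields and the AKIA/ASIA access key prefixes are the ones AWS documents.

```python
import json

# STS calls that legitimately use a long-term key to obtain temporary credentials
# (steps 1-2 of the flow on the Data Access Control slide).
STS_BOOTSTRAP_CALLS = {"AssumeRole", "GetSessionToken"}

# Constructed CloudTrail-style records (not real log data).
SAMPLE_LOG = json.dumps({"Records": [
    {   # Steps 1-2: long-term key used only to request temporary credentials
        "eventTime": "2018-05-25T09:00:00Z", "eventSource": "sts.amazonaws.com",
        "eventName": "AssumeRole",
        "userIdentity": {"type": "IAMUser", "userName": "alice",
                         "accessKeyId": "AKIAEXAMPLEALICE0001"}},
    {   # Step 3: temporary credentials from an MFA-authenticated session
        "eventTime": "2018-05-25T09:01:00Z", "eventSource": "s3.amazonaws.com",
        "eventName": "GetObject",
        "userIdentity": {"type": "AssumedRole",
                         "arn": "arn:aws:sts::111122223333:assumed-role/DataReader/alice",
                         "accessKeyId": "ASIAEXAMPLEALICE0002",
                         "sessionContext": {"attributes": {"mfaAuthenticated": "true"}}}},
    {   # Violation: resource API called directly with a long-term access key
        "eventTime": "2018-05-25T09:05:00Z", "eventSource": "s3.amazonaws.com",
        "eventName": "GetObject",
        "userIdentity": {"type": "IAMUser", "userName": "bob",
                         "accessKeyId": "AKIAEXAMPLEBOB000003"}},
    {   # Violation: temporary credentials, but the session was created without MFA
        "eventTime": "2018-05-25T09:10:00Z", "eventSource": "dynamodb.amazonaws.com",
        "eventName": "Scan",
        "userIdentity": {"type": "AssumedRole",
                         "arn": "arn:aws:sts::111122223333:assumed-role/DataReader/carol",
                         "accessKeyId": "ASIAEXAMPLECAROL0004",
                         "sessionContext": {"attributes": {"mfaAuthenticated": "false"}}}},
]})


def classify(record):
    """Return 'ok', 'long-term-key' or 'no-mfa' for one CloudTrail record."""
    ident = record.get("userIdentity", {})
    if ident.get("type") == "AWSService":
        return "ok"  # calls made by AWS services carry no user session
    if (record.get("eventSource") == "sts.amazonaws.com"
            and record.get("eventName") in STS_BOOTSTRAP_CALLS):
        return "ok"  # requesting temporary credentials is the expected use of the key
    if ident.get("accessKeyId", "").startswith("AKIA"):
        return "long-term-key"  # AKIA = long-term key, ASIA = temporary key
    attrs = ident.get("sessionContext", {}).get("attributes", {})
    if attrs.get("mfaAuthenticated") != "true":  # CloudTrail stores this as a string
        return "no-mfa"
    return "ok"


def findings(log_text):
    """List (eventTime, principal, eventName, reason) for every flagged record."""
    flagged = []
    for rec in json.loads(log_text).get("Records", []):
        reason = classify(rec)
        if reason != "ok":
            ident = rec.get("userIdentity", {})
            who = (ident.get("userName") or ident.get("arn")
                   or ident.get("principalId", "unknown"))
            flagged.append((rec.get("eventTime"), who, rec.get("eventName"), reason))
    return flagged


if __name__ == "__main__":
    for finding in findings(SAMPLE_LOG):
        print(*finding, sep="  ")
```
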
Implementing TOMs with AWS Services
Monitoring of access activities—Amazon GuardDuty
Implementing TOMs with AWS Services
Security service that uses machine learning to continuously and automatically discover, classify, and protect sensitive data in AWS
Recognizes and classifies sensitive data such as
• Personally identifiable information (PII)
• Intellectual property
• Sensitive AWS account information
Implementing TOMs with AWS Services—Examples
Data access control ǀ Monitoring of access activities ǀ Data encryption ǀ Strong compliance framework
Organizations must “implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including the pseudonymisation and encryption of personal data.”
• Encryption of data at rest (Amazon EBS, Amazon S3, Amazon Glacier, Amazon RDS, etc.)
• Centralized Regional Key Management with AWS KMS
• Dedicated HSM in the cloud with AWS CloudHSM
• IPsec VPN to your AWS environment with Virtual Private Gateway
Implementing TOMs with AWS Services
Data encryption at rest
Diagram labels: EMR ǀ S3 ǀ HDFS (Block-transfer and RPC) ǀ Local volumes (instance store/EBS)
• In transit data encryption for distributed applications: Open-source encryption functionality
• In transit data encryption for EMRFS traffic between S3 and cluster nodes (enabled automatically): TLS encryption
• At-rest data encryption for EMRFS on S3: Server-side or client-side encryption (SSE-S3, SSE-KMS, CSE-KMS, or CSE-Custom)
• At-rest data encryption for cluster nodes (EC2 instance volumes): Open-source HDFS encryption, LUKS encryption
Implementing TOMs with AWS Services—Examples
Data access control ǀ Monitoring of access activities ǀ Data encryption ǀ Strong compliance framework
Appropriate technical and organizational measures may need to include “the ability to ensure the ongoing confidentiality, integrity, availability, and resilience of the processing systems and services.”
• SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70)/SOC 2/SOC 3
• PCI DSS Level 1
• ISO 9001/ISO 27001/ISO 27017/ISO 27018
• NIST FIPS 140-2
• Common Cloud Computing Controls Catalog (C5)
Meet Your Own Security Objectives
Your own accreditation ǀ Your own certifications ǀ Your own external audits ǀ GDPR Code of Conduct
AWS Foundation Services ǀ AWS Global Infrastructure
• Customer scope and effort is reduced
• Better results through focused efforts
• Built on AWS consistent baseline controls
GDPR—Code of Conduct
CISPE Code (Cloud Infrastructure
Service Providers in Europe)
The CISPE Code of Conduct:
An effective, easily accessed framework for complying
with the EU’s GDPR
Excludes the reuse of customer data
Enables data storage and processing exclusively within the EU
Identifies cloud infrastructure services suitable
for different types of data processing
Helps citizens retain control of their personal and sensitive data
AWS CISPE certified
CISPE Code of Conduct in evaluation by Article 29 WP
Continuous Validation
Amazon Trusted Advisor
Helps you reduce cost, increase performance,
and improve security by providing real-time
guidance to help you provision your resources
following AWS best practices
Continuous Validation
Comes with baked-in controls for
Unrestricted security groups
MFA not on root accounts
Publicly exposed AWS credentials
Continuous Validation
Integrated with CloudWatch Events
Build automation for things like:
Exposed keys
Auto disable?
Security groups
Alert?
Continuous Validation
Amazon and OSS
Example: CIS AWS benchmarks
Purpose: Enables you to continuously or spot evaluate the configuration of resources and account settings of an AWS account against the CIS AWS Foundation Benchmark
Continuous Validation
Provides
Assess against 48 control statements, including:
No multi-factor authentication (MFA) usage on the root account
Overly open IAM policies
Lack of enabled logging on the account
AWS Partner Network (APN) and GDPR
Technology partners ǀ Consulting partners
APN Technology Partners
offer security and identity
solutions to help with GDPR
APN Consulting Partners
can help your customers
get ready for GDPR
AWS Marketplace:
Your One Stop Shop for Familiar Tools
• Advanced threat analytics
• Application security
• Identity and access management
• Server and endpoint protection
• Network security
• Encryption and key management
• Vulnerability and pen testing
AWS GDPR Center
https://aws.amazon.com/compliance/gdpr-center/
Recap: Data Protection—a Shared Responsibility
Controllers and processors have obligations under GDPR
Data subjects ǀ Customer as controller ǀ AWS as processor
AWS Provides Assistance for Your GDPR Journey
Tools and services ǀ Compliance framework ǀ Partner network ǀ Data protection terms
Thank You!

Enabling Compliance with GDPR on AWS.pdf
 
Breaking the Ice: How Broadridge is Helping Customers Transform Cold Archiva...
 Breaking the Ice: How Broadridge is Helping Customers Transform Cold Archiva... Breaking the Ice: How Broadridge is Helping Customers Transform Cold Archiva...
Breaking the Ice: How Broadridge is Helping Customers Transform Cold Archiva...
 
Emerging Trends in Big Data, Analytics, Machine Learning, and Internet-of-Thi...
Emerging Trends in Big Data, Analytics, Machine Learning, and Internet-of-Thi...Emerging Trends in Big Data, Analytics, Machine Learning, and Internet-of-Thi...
Emerging Trends in Big Data, Analytics, Machine Learning, and Internet-of-Thi...
 
How to Process Transactions Like a Boss! AWS Developer Workshop at Web Summit...
How to Process Transactions Like a Boss! AWS Developer Workshop at Web Summit...How to Process Transactions Like a Boss! AWS Developer Workshop at Web Summit...
How to Process Transactions Like a Boss! AWS Developer Workshop at Web Summit...
 
Top Security Myths Dispelled
Top Security Myths DispelledTop Security Myths Dispelled
Top Security Myths Dispelled
 
GDPR: Raising the Bar for Security & Compliance Across the EU
GDPR: Raising the Bar for Security & Compliance Across the EUGDPR: Raising the Bar for Security & Compliance Across the EU
GDPR: Raising the Bar for Security & Compliance Across the EU
 
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
 
Protect customer privacy with AWS - GRC351 - AWS re:Inforce 2019
Protect customer privacy with AWS - GRC351 - AWS re:Inforce 2019 Protect customer privacy with AWS - GRC351 - AWS re:Inforce 2019
Protect customer privacy with AWS - GRC351 - AWS re:Inforce 2019
 
Top Security Myths Dispelled - AWS Summit Sydney 2018
Top Security Myths Dispelled - AWS Summit Sydney 2018 Top Security Myths Dispelled - AWS Summit Sydney 2018
Top Security Myths Dispelled - AWS Summit Sydney 2018
 
Top Cloud Security Myths Dispelled
Top Cloud Security Myths DispelledTop Cloud Security Myths Dispelled
Top Cloud Security Myths Dispelled
 
How to Quickly Get Insights from IoT Data on AWS (ANT337-S) - AWS re:Invent 2018
How to Quickly Get Insights from IoT Data on AWS (ANT337-S) - AWS re:Invent 2018How to Quickly Get Insights from IoT Data on AWS (ANT337-S) - AWS re:Invent 2018
How to Quickly Get Insights from IoT Data on AWS (ANT337-S) - AWS re:Invent 2018
 
Top Cloud Security Myths - Dispelled! (SEC202-R1) - AWS re:Invent 2018
Top Cloud Security Myths - Dispelled! (SEC202-R1) - AWS re:Invent 2018Top Cloud Security Myths - Dispelled! (SEC202-R1) - AWS re:Invent 2018
Top Cloud Security Myths - Dispelled! (SEC202-R1) - AWS re:Invent 2018
 

Mais de Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Mais de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Security and GDPR Compliance with AWS

  • 1. Navigating GDPR Compliance on AWS. Diego Natali, AWS Solutions Architect
  • 2. What is the GDPR?
  • 3. What is the GDPR? • The “GDPR” is the General Data Protection Regulation, a significant new EU Data Protection Regulation • Introduces robust requirements that will raise and harmonize standards for data protection, security, and compliance across the EU • The GDPR is enforceable May 25, 2018 and it replaces the EU Data Protection Directive (Directive 95/46/EC) • In scope: organizations established in the EU and organizations without an EU presence who target or monitor EU individuals
  • 4. Content versus Personal Data. Content = anything that a customer (or any user) stores, or processes using AWS services, including: Software | Data | Text | Audio | Video. Personal data = information from which a living individual may be identified or identifiable (under EU data protection law). Customer’s “content” might include “personal data”
  • 5. Data Controller vs Data Processor. Data Controller = determines the purposes and means of the processing of personal data. Data Processor = processes personal data on behalf of the controller
  • 6. What Else Comes with GDPR? (The right to data portability | The right to be forgotten | Privacy by design | Data breach notification) The right to data portability: Individuals have the right to a copy of all the personal data that controllers have regarding them. It also must be provided in a way that facilitates reuse.
  • 7. What Else Comes with GDPR? (The right to data portability | The right to be forgotten | Privacy by design | Data breach notification) The right to be forgotten: This gives individuals the right to have certain personal data deleted so third parties can no longer trace them.
  • 8. What Else Comes with GDPR? (The right to data portability | The right to be forgotten | Privacy by design | Data breach notification) Privacy by design: This helps to facilitate the inclusion of policies, guidelines, and work instructions related to data protection in the earliest stages of projects including personal data.
  • 9. What Else Comes with GDPR? (The right to data portability | The right to be forgotten | Privacy by design | Data breach notification) Data breach notification: Controllers must report personal data breaches to the relevant supervisory authority within 72 hours. If there is a high risk to the rights and freedoms of data subjects, they must also notify the data subjects.
  • 10. How AWS Can Help Customers Achieve GDPR Compliance
  • 11. Data Protection—A Shared Responsibility. Managed by AWS customers: Customer data; Platform and application management; Operating system, network, and firewall configuration; Client-side data encryption and data integrity authentication; Server-side encryption (file system and/or data); Network traffic protection (encryption/integrity/identity); Customer IAM; Optional—opaque data: 0s and 1s (in transit/at rest). Managed by AWS: Foundation Services (Compute, Storage, Databases, Networking); AWS Global Infrastructure (Regions, Availability zones, Edge locations); AWS IAM; AWS endpoints
  • 12. Data Protection—A Shared Responsibility. Data subjects; Customer as controller; AWS as processor. Controllers and processors have obligations under GDPR
  • 13. Data Protection—A Shared Responsibility. Data subjects; Customer’s customer as controller; Customer as processor; AWS as processor. Controllers and processors have obligations under GDPR
  • 14. GDPR is Also a Shared Responsibility. Legal Compliance (Both controllers and processors); System Security and Data Protection by Design (Both controllers and processors; AWS has tooling to help); Records of Processing Activities (Both controllers and processors; AWS has tooling to help); Encryption (Both controllers and processors; AWS has tooling to help); Security of Personal Data (Controller responsibility); Managing Data Subject Consent (Controller responsibility); Managing Personal Data Deletion (Both controllers and processors; AWS has tooling to help); Managing Personal Data Portability (Controller responsibility)
  • 15. GDPR in Practice: Implementing TOMs. Under GDPR, Controllers and Processors are required to implement appropriate Technical and Organizational Measures (“TOMs”)… 1. Pseudonymization and encryption of personal data 2. Ensure ongoing confidentiality, integrity, availability, and resilience of processing systems and services 3. Ability to restore availability and access to personal data in a timely manner in the event of a physical or technical incident 4. Process for regularly testing, assessing, and evaluating the effectiveness of TOMs
  • 16. AWS Services Already Comply with the GDPR. AWS completed the entirety of our GDPR service readiness audit on March 26, 2018—validating that all generally available services and features adhere to the high privacy bar and data protection standards required of data processors by the GDPR. What does this mean to you? Customers can deploy AWS services as a key part of their GDPR compliance plans.
  • 17. Implementing TOMs—What AWS Provides to You: Tools and services; Compliance framework; Partner network; Data protection terms
  • 18. Implementing TOMs with AWS Services. “Security of processing”; “Data protection by design and default”; “Records of processing activities”. Services shown: AWS Storage Gateway; Amazon Virtual Private Cloud (VPC); Amazon API Gateway; AWS KMS; AWS CloudHSM; Amazon S3 Server-Side Encryption; AWS Identity and Access Management; AWS CloudFormation; AWS WAF; Amazon CloudWatch; AWS CloudTrail; AWS Config
  • 19. Implementing TOMs with AWS Services—Examples (Data access control | Monitoring of access activities | Data encryption | Strong compliance framework) Data access control: The controller “shall implement appropriate technical and organizational measures for ensuring that, by default, only personal data that are necessary for each specific purpose of the processing are processed.” AWS Identity and Access Management; API-Request Authentication; Temporary Access Tokens
  • 20. Implementing TOMs with AWS Services: Data Access Control. IAM/STS; Resources; IAM User; Parent account; Child account. 1. Authenticate with access keys 2. Pass MFA info to get temporary security credentials 3. Call AWS APIs using temporary security credentials
  • 21. Implementing TOMs with AWS Services: Data Access Control
  • 22. Implementing TOMs with AWS Services—Examples (Data access control | Monitoring of access activities | Data encryption | Strong compliance framework) Monitoring of access activities: “Each controller and, where applicable, the controller’s representative, shall maintain a record of processing activities under their responsibility.” AWS CloudTrail; Amazon Inspector; Amazon Macie; AWS Config
  • 23. Implementing TOMs with AWS Services: Monitoring of access activities—AWS CloudTrail. Management console, CLI, SDK; AWS resources; AWS CloudTrail; S3 Bucket (Archive and audit; Troubleshoot); Amazon CloudWatch (Monitor, alarm, and react)
  • 24. Implementing TOMs with AWS Services: Monitoring of access activities—Amazon GuardDuty
  • 25. Implementing TOMs with AWS Services. Security service that uses machine learning to continuously and automatically discover, classify, and protect sensitive data in AWS. Recognizes and classifies sensitive data such as: Personally identifiable information (PII); Intellectual property; Sensitive AWS account information
  • 26. Implementing TOMs with AWS Services—Examples (Data access control | Monitoring of access activities | Data encryption | Strong compliance framework) Data encryption: Organizations must “implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including the pseudonymisation and encryption of personal data.” Encryption of data at rest (Amazon EBS, Amazon S3, Amazon Glacier, Amazon RDS, etc.); Centralized Regional Key Management with AWS KMS; Dedicated HSM in the cloud with AWS CloudHSM; IPsec VPN to your AWS environment with Virtual Private Gateway
  • 27. Implementing TOMs with AWS Services: Data encryption at rest. EMR; S3; HDFS (Block-transfer and RPC); Local volumes (instance store/EBS). In transit data encryption for distributed applications: Open-source encryption functionality. In transit data encryption for EMRFS traffic between S3 and cluster nodes (enabled automatically): TLS encryption. At-rest data encryption for EMRFS on S3: Server-side or client-side encryption (SSE-S3, SSE-KMS, CSE-KMS, or CSE-Custom). At-rest data encryption for cluster nodes (EC2 instance volumes): Open-source HDFS encryption, LUKS encryption
  • 28. Implementing TOMs with AWS Services—Examples (Data access control | Monitoring of access activities | Data encryption | Strong compliance framework) Strong compliance framework: Appropriate technical and organizational measures may need to include “the ability to ensure the ongoing confidentiality, integrity, availability, and resilience of the processing systems and services.” SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70)/SOC 2/SOC 3; PCI DSS Level 1; ISO 9001/ISO 27001/ISO 27017/ISO 27018; NIST FIPS 140-2; Common Cloud Computing Controls Catalog (C5)
  • 29. Meet Your Own Security Objectives. AWS Global Infrastructure; AWS Foundation Services; Your own accreditation; Your own certifications; Your own external audits; GDPR Code of Conduct. Customer scope and effort is reduced; Better results through focused efforts; Built on AWS consistent baseline controls
  • 30. GDPR—Code of Conduct. CISPE Code (Cloud Infrastructure Service Providers in Europe). The CISPE Code of Conduct: An effective, easily accessed framework for complying with the EU’s GDPR; Excludes the reuse of customer data; Enables data storage and processing exclusively within the EU; Identifies cloud infrastructure services suitable for different types of data processing; Helps citizens retain control of their personal and sensitive data. AWS CISPE certified. CISPE Code of Conduct in evaluation by Article 29 WP
  • 31. Continuous Validation. Amazon Trusted Advisor: Helps you reduce cost, increase performance, and improve security by providing real-time guidance to help you provision your resources following AWS best practices
  • 32. Continuous Validation. Comes with baked-in controls for: Unrestricted security groups; MFA not on root accounts; Publicly exposed AWS credentials
  • 33. Continuous Validation. Integrated with CloudWatch Events. Build automation for things like: Exposed keys (auto disable?); Security groups (alert?)
  • 34. Continuous Validation. Amazon and OSS Example: CIS AWS benchmarks. Purpose: Enables you to continuously or spot evaluate the configuration of resources and account settings of an AWS account against the CIS AWS Foundation Benchmark
  • 35. Continuous Validation. Provides: Assess against 48 control statements, including: No multi-factor authentication (MFA) usage on the root account; Overly open IAM policies; Lack of enabled logging on the account
  • 36. Continuous Validation
  • 37. Continuous Validation
  • 38. Continuous Validation
  • 39. AWS Partner Network (APN) and GDPR. Technology partners: APN Technology Partners offer security and identity solutions to help with GDPR. Consulting partners: APN Consulting Partners can help your customers get ready for GDPR
  • 40. AWS Marketplace: Your One Stop Shop for Familiar Tools. Advanced threat analytics; Application security; Identity and access management; Server and endpoint protection; Network security; Encryption and key management; Vulnerability and pen testing
  • 41. AWS GDPR Center https://aws.amazon.com/compliance/gdpr-center/
  • 42. Recap: Data Protection—a Shared Responsibility. Data subjects; Customer as controller; AWS as processor. Controllers and processors have obligations under GDPR
  • 43. AWS Provides Assistance for Your GDPR Journey: Tools and services; Compliance framework; Partner network; Data protection terms
  • 44. Thank You!
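
Added example, not part of the original deck: the flow on slide 20 (access keys, then MFA, then temporary credentials) can be verified after the fact from the CloudTrail records that slide 23 says to archive and monitor, together with the root-MFA control from slide 35. The records below are constructed, the finding labels are hypothetical, and the `AKIA`/`ASIA` key-ID prefixes and CloudTrail field names are the standard ones.

```python
import json

# Constructed CloudTrail records (illustrative sample, not taken from the deck).
SAMPLE_RECORDS = json.loads("""
[
  {"eventID": "e1", "eventSource": "sts.amazonaws.com", "eventName": "GetSessionToken",
   "userIdentity": {"type": "IAMUser", "userName": "alice",
                    "accessKeyId": "AKIAEXAMPLE000000001"}},
  {"eventID": "e2", "eventSource": "s3.amazonaws.com", "eventName": "GetObject",
   "userIdentity": {"type": "IAMUser", "userName": "alice",
                    "accessKeyId": "ASIAEXAMPLE000000002",
                    "sessionContext": {"attributes": {"mfaAuthenticated": "true"}}}},
  {"eventID": "e3", "eventSource": "s3.amazonaws.com", "eventName": "GetObject",
   "userIdentity": {"type": "IAMUser", "userName": "bob",
                    "accessKeyId": "AKIAEXAMPLE000000003"}},
  {"eventID": "e4", "eventSource": "signin.amazonaws.com", "eventName": "ConsoleLogin",
   "userIdentity": {"type": "Root"},
   "additionalEventData": {"MFAUsed": "No"}},
  {"eventID": "e5", "eventSource": "ec2.amazonaws.com", "eventName": "DescribeInstances",
   "userIdentity": {"type": "IAMUser", "userName": "carol",
                    "accessKeyId": "ASIAEXAMPLE000000005",
                    "sessionContext": {"attributes": {"mfaAuthenticated": "false"}}}}
]
""")


def classify(record):
    """Return a list of findings (hypothetical labels) for one CloudTrail record."""
    ident = record.get("userIdentity", {})
    is_root = ident.get("type") == "Root"
    findings = []

    # Console sign-ins report MFA in additionalEventData.MFAUsed ("Yes"/"No").
    if record.get("eventName") == "ConsoleLogin":
        mfa_used = record.get("additionalEventData", {}).get("MFAUsed") == "Yes"
        if not mfa_used:
            findings.append("root-console-login-without-mfa" if is_root
                            else "console-login-without-mfa")
        return findings

    if is_root:
        findings.append("root-api-call")

    key_id = ident.get("accessKeyId", "")
    attrs = ident.get("sessionContext", {}).get("attributes", {})
    mfa_session = attrs.get("mfaAuthenticated") == "true"

    # Steps 1-2 of the slide: a long-term key is expected only when it is
    # being exchanged for temporary credentials via sts:GetSessionToken.
    exchanging = (record.get("eventSource") == "sts.amazonaws.com"
                  and record.get("eventName") == "GetSessionToken")

    if key_id.startswith("AKIA") and not exchanging:
        # Long-term key used directly against a service: step 3 was skipped.
        findings.append("long-term-access-key")
    elif key_id.startswith("ASIA") and not mfa_session:
        # Temporary credentials, but the session was not MFA-authenticated.
        findings.append("temporary-credentials-without-mfa")
    return findings


def audit(records):
    """Map eventID -> findings for every record that has at least one finding."""
    report = {}
    for record in records:
        findings = classify(record)
        if findings:
            report[record["eventID"]] = findings
    return report


if __name__ == "__main__":
    for event_id, findings in audit(SAMPLE_RECORDS).items():
        print(event_id, ", ".join(findings))
```

Role sessions used by AWS services or EC2 instance profiles also carry `ASIA` keys without MFA, so a production rule would scope the last check to human principals.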