Getting Started with AWS Security: @IanMmmm Ian Massingham - Technical Evangelist


Getting Started with

AWS Security
Ian Massingham — Technical Evangelist
@IanMmmm
Getting Started with AWS Security

Architected to be one of the most flexible and secure cloud environments



Removes many of the security headaches that come with infrastructure

Built in Security Features
Agenda

Sharing the Security Responsibility 



Overview of AWS Security Features

Verifying our Security 

Useful Resources
Increasing your Security Posture in the Cloud

• AWS security approach
• Size of AWS security team
• Visibility into usage & resources
Broad Accreditations & Certifications

MPAA

ISO 27001 ISO 9001


Security Benefits from Community Network Effect

• Partner ecosystem
• Customer ecosystem
• Everyone benefits


SHARING THE
SECURITY RESPONSIBILITY
Shared Security Model

• Shared Responsibility
– Let AWS do the heavy lifting
– Focus on what’s most valuable to your business

• AWS
– Facility operations
– Physical Security
– Physical Infrastructure
– Network Infrastructure
– Virtualisation Infrastructure
– Hardware lifecycle management

• Customer
– Choice of Guest OS
– Application Configuration Options
– Account Management flexibility
– Security Groups
– ACLs
– Identity Management
Shared Security Model: Infrastructure Services
Such as Amazon EC2, Amazon EBS, and Amazon VPC
Shared Security Model: Container Services
Such as Amazon RDS and Amazon EMR
Shared Security Model: Abstracted Services
Such as Amazon S3 and Amazon DynamoDB
AWS SECURITY FEATURES
SECURE ACCESS
API ENDPOINTS USE TLS
BUILT-IN FIREWALLS
YOU CONTROL ACCESS TO YOUR INSTANCES
ROLE-BASED
ACCESS CONTROL
WITH FINE-GRAINED PERMISSIONS
MULTI-FACTOR
AUTHENTICATION
BUILT IN
PRIVATE SUBNETS
WITHIN YOUR AWS VIRTUAL PRIVATE CLOUD
ENCRYPT YOUR
DATA AT REST
USING AES 256 BIT ENCRYPTION KEYS
CLOUD HSM
A HIGHLY SECURE WAY TO STORE KEYS
DEDICATED
CONNECTION
AN OPTION WITH AWS DIRECT CONNECT
SECURITY LOGS
AWS CLOUDTRAIL, AWS CONFIG &
AMAZON CLOUDWATCH LOGS
TRUSTED ADVISOR
YOUR CUSTOMISED CLOUD EXPERT
VERIFYING OUR SECURITY
Compliance at AWS
AWS is Level 1 compliant under the Payment Card Industry (PCI) Data Security Standard (DSS). Customers can run applications on our PCI-compliant technology infrastructure for storing, processing, and transmitting credit card information in the cloud.

AWS is ISO 27001 certified under the International Organization for Standardization (ISO) 27001 standard. ISO 27001 is a widely-adopted global security standard that outlines the requirements for information security management systems.

Many other government and industry compliance requirements are also met by AWS. Find more at:
aws.amazon.com/compliance
RESOURCES YOU CAN USE
TO LEARN MORE
aws.amazon.com/security/
AWS Technical Documentation
blogs.aws.amazon.com/security
AWS Security White Papers

Introduction to AWS Security

Security at Scale: Governance in AWS

Security at Scale: Logging in AWS

AWS Security Best Practices

Securing Data at Rest with Encryption

AWS Security Whitepaper


aws.amazon.com/iam

aws.amazon.com/vpc

aws.amazon.com/kms

aws.amazon.com/config

aws.amazon.com/cloudtrail

aws.amazon.com/cloudhsm

aws.amazon.com/cloudwatch

aws.amazon.com/trustedadvisor
Follow us for more events & webinars

Ian Massingham — Technical Evangelist


@IanMmmm

@AWS_UKI for local AWS events & news

@AWScloud for Global AWS News & Announcements
