Einführung „Compliance mit AWS" - AWS Security Web Day

•

0 gefällt mir•589 views

Vortrag "Einführung - Compliance mit AWS" von Bertram Dorn beim AWS Security Web Day 2016. Alle Videos und Präsentationen finden Sie hier: http://amzn.to/1NFtR5P Das AWS Compliance-Programm ist der Schlüssel für Kunden, um die von AWS getroffenen technischen und organisatorischen Maßnahmen zu verstehen, welche getroffen werden, um Kundendaten zu sichern. Der Vortrag wird einen Einblick in die Grundlagen der Verfahren von ISO270xx, SOC1/2/3 und PCI DSS geben. Auch werden wir uns dem Lesen dieser Zertifikate und Berichte widmen, um deren Inhalt mit den typischen Fragen und Voraussetzungen von Datenverarbeitung, Verfügbarkeit und Risikoabsicherung zu verbinden.

Technologie

Reading the AWS Compliance Framework
Bertram Dorn
Specialized Solutions Architect EMEA
For Security and Compliance

Agenda:
• Overview
• ISO
• SOC
• Documents
• A Demo

Shared Responsibility
Cross-service Controls
Service-specific Controls
Managed by
AWS
Managed by
Customer
Security of the Cloud
Security in the Cloud
Cloud Service Provider
Controls
Optimized
Network/OS/App Controls
Request reports at:
aws.amazon.com/compliance/#contact
ISO
27000
ISO
9001

The main AWS Compliance Frameworks of today
Certificates: Programmes:
ISO
9001
ISO
27000
MPAA

Point-in-time, or continuous compliance assessments?
ISO
27001/27017
27018
9001

Scope
• By Service (not only Datacenter)
• By Region
• By Certification
• Global
• Scalable

Weitere ähnliche Inhalte

Was ist angesagt?

AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYCAmazon Web Services

Intro to AWS: SecurityAmazon Web Services

Network Security and Access Control within AWS Amazon Web Services

AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services

Putting it All Together: Securing Systems at Cloud ScaleAmazon Web Services

In Depth: AWS Shared Security ModelAmazon Web Services

The AWS Shared Security Responsibility Model in PracticeAmazon Web Services

Security and Compliance in the Cloud Amazon Web Services

Intro & Security UpdateAmazon Web Services

AWS Security Architecture - OverviewSai Kesavamatham

AWS Security for Financial ServicesAmazon Web Services

What's (nearly) new | AWS Security Roadshow DublinAmazon Web Services

AWS Enterprise Summit - AWS로 IT 운영 및 관리 재편하기 - 양승도Amazon Web Services Korea

Introduction to AWS SecurityLalitMohanSharma8

Practical Steps to Hack-Proofing AWSAmazon Web Services

Intro to AWS: SecurityAmazon Web Services

Security on AWSAmazon Web Services

Shared Responsibility Deep DiveAmazon Web Services

Segurança de Ponta a Ponta na AWSAlexandre Santos

Aws security Fundamentals Christopher Caplan

Was ist angesagt? (20)

AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYC

Intro to AWS: Security

Network Security and Access Control within AWS

AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices

Putting it All Together: Securing Systems at Cloud Scale

In Depth: AWS Shared Security Model

The AWS Shared Security Responsibility Model in Practice

Security and Compliance in the Cloud

Intro & Security Update

AWS Security Architecture - Overview

AWS Security for Financial Services

What's (nearly) new | AWS Security Roadshow Dublin

AWS Enterprise Summit - AWS로 IT 운영 및 관리 재편하기 - 양승도

Introduction to AWS Security

Practical Steps to Hack-Proofing AWS

Intro to AWS: Security

Security on AWS

Shared Responsibility Deep Dive

Segurança de Ponta a Ponta na AWS

Aws security Fundamentals

Andere mochten auch

My mentor – Elena Makhovikovaprosvsports

El Turismo Medico En Colombia: La Cirugia Estetica Suitesolocolombia00

How to setup a reselling cooperationMikael Balte

Casa de los picapiedra en ventajoflay

2 aaquileoagustin

Fitxa unitat 3.els éssers viusRafael Alvarez Alonso

Andere mochten auch (6)

My mentor – Elena Makhovikova

El Turismo Medico En Colombia: La Cirugia Estetica Suite

How to setup a reselling cooperation

Casa de los picapiedra en venta

2 a

Fitxa unitat 3.els éssers vius

Ähnlich wie Einführung „Compliance mit AWS" - AWS Security Web Day

AWS Shared Responsibility Model & Compliance Program OverviewAmazon Web Services

AWS Certified DevOps Engineer: What it is and how to get certifiedInfosec

AWS Enterprise Summit Netherlands - Infosec by DesignAmazon Web Services

AWS re:Invent 2016: Tips for Building Successful Solutions with AWS Marketpla...Amazon Web Services

AWS Certification Paths And Tips for Getting CertifiedAdam Book

AWS Cloud Operations Administrator: What it is and how to get certifiedInfosec

Adding to the bottom line - the Key Cloud plays for the Mid-Market - Adam BeavisAmazon Web Services

AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...Amazon Web Services

(SEC324) NEW! Introducing Amazon InspectorAmazon Web Services

AWS Enterprise Summit London 2015 | Security in the CloudAmazon Web Services

Track A-3: Drive Innovation & Reduce Costs with Managed Servicesscoopnewsgroup

What's (nearly) new | AWS Security RoadshowAmazon Web Services

Security Day What's (nearly) NewAmazon Web Services

Getting Started with AWS SecurityAmazon Web Services

Getting Started With AWS SecurityAmazon Web Services

AWS Webcast - Understanding the AWS Security ModelAmazon Web Services

AWS Technical Due Diligence Workshop Session TwoTom Laszewski

CSS17: Atlanta - The AWS Shared Responsibility Model in Practice Alert Logic

AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...Amazon Web Services

AWS APAC Webinar Week - Training & Certification MasterclassAmazon Web Services

Ähnlich wie Einführung „Compliance mit AWS" - AWS Security Web Day (20)

AWS Shared Responsibility Model & Compliance Program Overview

AWS Certified DevOps Engineer: What it is and how to get certified

AWS Enterprise Summit Netherlands - Infosec by Design

AWS re:Invent 2016: Tips for Building Successful Solutions with AWS Marketpla...

AWS Certification Paths And Tips for Getting Certified

AWS Cloud Operations Administrator: What it is and how to get certified

Adding to the bottom line - the Key Cloud plays for the Mid-Market - Adam Beavis

AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...

(SEC324) NEW! Introducing Amazon Inspector

AWS Enterprise Summit London 2015 | Security in the Cloud

Track A-3: Drive Innovation & Reduce Costs with Managed Services

What's (nearly) new | AWS Security Roadshow

Security Day What's (nearly) New

Getting Started with AWS Security

Getting Started With AWS Security

AWS Webcast - Understanding the AWS Security Model

AWS Technical Due Diligence Workshop Session Two

CSS17: Atlanta - The AWS Shared Responsibility Model in Practice

AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...

AWS APAC Webinar Week - Training & Certification Masterclass

Mehr von AWS Germany

Analytics Web Day | From Theory to Practice: Big Data Stories from the FieldAWS Germany

Analytics Web Day | Query your Data in S3 with SQL and optimize for Cost and ...AWS Germany

Modern Applications Web Day | Impress Your Friends with Your First Serverless...AWS Germany

Modern Applications Web Day | Manage Your Infrastructure and Configuration on...AWS Germany

Modern Applications Web Day | Container Workloads on AWSAWS Germany

Modern Applications Web Day | Continuous Delivery to Amazon EKS with SpinnakerAWS Germany

Building Smart Home skills for AlexaAWS Germany

Hotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructureAWS Germany

Wild Rydes with Big Data/Kinesis focus: AWS Serverless WorkshopAWS Germany

Log Analytics with AWSAWS Germany

Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS AWS Germany

AWS Programme für NonprofitsAWS Germany

Microservices and Data DesignAWS Germany

Serverless vs. Developers – the real crashAWS Germany

Query your data in S3 with SQL and optimize for cost and performanceAWS Germany

Secret Management with Hashicorp’s VaultAWS Germany

EKS WorkshopAWS Germany

Scale to Infinity with ECSAWS Germany

Containers on AWS - State of the UnionAWS Germany

Deploying and Scaling Your First Cloud Application with Amazon LightsailAWS Germany

Mehr von AWS Germany (20)

Analytics Web Day | From Theory to Practice: Big Data Stories from the Field

Analytics Web Day | Query your Data in S3 with SQL and optimize for Cost and ...

Modern Applications Web Day | Impress Your Friends with Your First Serverless...

Modern Applications Web Day | Manage Your Infrastructure and Configuration on...

Modern Applications Web Day | Container Workloads on AWS

Modern Applications Web Day | Continuous Delivery to Amazon EKS with Spinnaker

Building Smart Home skills for Alexa

Hotel or Taxi? "Sorting hat" for travel expenses with AWS ML infrastructure

Wild Rydes with Big Data/Kinesis focus: AWS Serverless Workshop

Log Analytics with AWS

Deep Dive into Concepts and Tools for Analyzing Streaming Data on AWS

AWS Programme für Nonprofits

Microservices and Data Design

Serverless vs. Developers – the real crash

Query your data in S3 with SQL and optimize for cost and performance

Secret Management with Hashicorp’s Vault

EKS Workshop

Scale to Infinity with ECS

Containers on AWS - State of the Union

Deploying and Scaling Your First Cloud Application with Amazon Lightsail

Kürzlich hochgeladen

Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1

presentation ICT roal in 21st century educationjfdjdjcjdnsjd

What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays

A Domino Admins Adventures (Engage 2024)Gabriella Davis

Scaling API-first – The story of a global engineering organizationRadu Cotescu

IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge

CNv6 Instructor Chapter 6 Quality of Servicegiselly40

Partners Life - Insurer Innovation Award 2024The Digital Insurer

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung

The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer

How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes

Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer

Presentation on how to chat with PDF using ChatGPT code interpreternaman860154

Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun

Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge

Kürzlich hochgeladen (20)

Boost Fertility New Invention Ups Success Rates.pdf

presentation ICT roal in 21st century education

What Are The Drone Anti-jamming Systems Technology?

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

A Domino Admins Adventures (Engage 2024)

Scaling API-first – The story of a global engineering organization

IAC 2024 - IA Fast Track to Search Focused AI Solutions

CNv6 Instructor Chapter 6 Quality of Service

Partners Life - Insurer Innovation Award 2024

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

The 7 Things I Know About Cyber Security After 25 Years | April 2024

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

How to Troubleshoot Apps for the Modern Connected Worker

Axa Assurance Maroc - Insurer Innovation Award 2024

Presentation on how to chat with PDF using ChatGPT code interpreter

Data Cloud, More than a CDP by Matt Robison

Driving Behavioral Change for Information Management through Data-Driven Gree...

Einführung „Compliance mit AWS" - AWS Security Web Day

1. Reading the AWS Compliance Framework Bertram Dorn Specialized Solutions Architect EMEA For Security and Compliance

2. Agenda: • Overview • ISO • SOC • Documents • A Demo

3. Certifications/Audits: Overview

4. Shared Responsibility Cross-service Controls Service-specific Controls Managed by AWS Managed by Customer Security of the Cloud Security in the Cloud Cloud Service Provider Controls Optimized Network/OS/App Controls Request reports at: aws.amazon.com/compliance/#contact ISO 27000 ISO 9001

5. The main AWS Compliance Frameworks of today Certificates: Programmes: ISO 9001 ISO 27000 MPAA

6. Point-in-time, or continuous compliance assessments? ISO 27001/27017 27018 9001

7. Certifications/Audits: Scope

8. Scope • By Service (not only Datacenter) • By Region • By Certification • Global • Scalable

9. Certifications/Audits: Demo Scope

10. Compliance Mapping: How to do that

11. Mapping

12. Compliance Mapping: Demo

13.

14. Thank You