AWS Government, Education, and Nonprofits Symposium
Washington, DC | June 24, 2014 - June 26, 2014
Federal Compliance Deep Dive:
AWS Public Sector Security Assurance Programs
Chris Gile
Senior Manager
AWS Risk and Compliance
cgile@amazon.com
Shared Security Responsibility
• AWS & Customers both have security/compliance obligations
• Logical assessment & accreditation boundaries
Cross-service Controls
Service-specific Controls
Managed by AWS
Managed by Customer
Compliance of the Cloud
Compliance in the Cloud
Cloud Service Provider Controls
Optimized Network/OS/App Controls
AWS FedRAMP Program
• AWS has two Agency ATOs granted by HHS; assessment reviewed by HHS, FDA, CDC, and NIH covering:
– All AWS US Regions (US East/West, & GovCloud (US))
– EC2, S3, EBS, VPC, IAM
– New: Amazon Redshift (US East/West only)
• Assessed against all FedRAMP-Moderate controls
• Agency ATO packages have reciprocity with federal agencies
• AWS will directly field FedRAMP package requests; agencies can still request AWS FedRAMP package from FedRAMP PMO
– AWS provides customers a FedRAMP SSP Template, inherited/shared control matrix, as well as FedRAMP package
cloud.cio.gov/fedramp/amazon
Building Solutions on AWS
• Partners & Agencies can leverage FedRAMP compliant AWS
• AWS’s FedRAMP package covers AWS infrastructure and underlying management of services
• Partner’s FedRAMP package includes inherited controls; shared controls documents partner’s application/service built on AWS
• To support partners we can provide:
– Partner FedRAMP package: ATO Letters, CIS spreadsheet, FIPS 199, etc.
– SSP Template: Pre-populated with inherited control language, guidance on completing shared controls
– ATO Letters as stand-alone documents
– Support: Security Solutions Architects, Security Assurance Architects, Professional Services
AWS Documentation Support
• AWS Package is specific to the AWS Infrastructure
• Partner’s Package is specific to the Partner’s Application or managed services
• Inherited v. Shared Controls
AWS DoD CSM Program
• 2/6/14 Provisional Authorization for Levels 1-2
• DISA-managed Cloud Security Model (CSM)
• 70 additional control enhancements overlaid on FedRAMP Moderate
• Partners have achieved MAC II Sensitive DIACAP ATOs
Certifications & Compliance
• AWS Environment
– SOC 1/2/3
– ISO 27001 Certification
– Payment Card Industry Data Security Standard (PCI DSS) Level 1 Service Provider
– FedRAMP (up to Moderate)
– AWS GovCloud (US) – ITAR compliant region
• Customers have deployed various compliant applications
– Sarbanes-Oxley (SOX)
– HIPAA (healthcare)
– FISMA/FedRAMP (US Federal Government)
– DIACAP – up to MAC II Sensitive
– International Traffic in Arms Regulations (ITAR)
Customer Resources
• Whitepapers
– Risk & Compliance Whitepaper
– Overview of Security Processes
– “Security at Scale” series
• Governance in AWS
• Logging in AWS
• Template
– FedRAMP SSP Template
• Workbooks
– FISMA-High
– CJIS
Other Compliance Programs
• FISMA-High
– Workbook available for partners under NDA
– 84 additional control enhancements; 21 inherited, 54 shared, 9 customer
• CJIS Workbook
– Available under NDA
– 121 security requirements; 10 inherited, 87 shared, and 24 customer-responsible requirements
• Both are partner-based approaches to build a portfolio of authorizations
AWS Compliance & Security Centers
• Answers to many security and compliance questions
• Security whitepaper
• Risk and Compliance whitepaper
• Overview of Security Processes whitepaper
• “Security at Scale” whitepaper series
• Security bulletins
• Customer penetration testing requests
• Security best practices
• Request more information by contacting us
aws.amazon.com/security
aws.amazon.com/compliance
Additional AWS Security & Compliance References
• https://aws.amazon.com/security
• https://aws.amazon.com/compliance
• https://aws.amazon.com/compliance/#whitepapers
• https://aws.amazon.com/compliance/fedramp-faqs
• https://aws.amazon.com/govcloud-us
• https://aws.amazon.com/documentation
• https://aws.amazon.com/iam
awscompliance@amazon.com
Questions?
Thank You
Chris Gile
cgile@amazon.com

Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014 - Washington D.C.

  • 1. AWS Government, Education, and Nonprofits Symposium, Washington, DC | June 24, 2014 - June 26, 2014
      Federal Compliance Deep Dive: AWS Public Sector Security Assurance Programs
      Chris Gile, Senior Manager, AWS Risk and Compliance, cgile@amazon.com
  • 2. Shared Security Responsibility
      • AWS & Customers both have security/compliance obligations
      • Logical assessment & accreditation boundaries
      [Diagram labels: Cross-service Controls; Service-specific Controls; Managed by AWS; Managed by Customer; Compliance of the Cloud; Compliance in the Cloud; Cloud Service Provider Controls; Optimized Network/OS/App Controls]
  • 3. AWS FedRAMP Program
      • AWS has two Agency ATOs granted by HHS; assessment reviewed by HHS, FDA, CDC, and NIH covering:
          – All AWS US Regions (US East/West, & GovCloud (US))
          – EC2, S3, EBS, VPC, IAM
          – New: Amazon Redshift (US East/West only)
      • Assessed against all FedRAMP-Moderate controls
      • Agency ATO packages have reciprocity with federal agencies
      • AWS will directly field FedRAMP package requests; agencies can still request AWS FedRAMP package from FedRAMP PMO
          – AWS provides customers a FedRAMP SSP Template, inherited/shared control matrix, as well as FedRAMP package
      cloud.cio.gov/fedramp/amazon
  • 4. Building Solutions on AWS
      • Partners & Agencies can leverage FedRAMP compliant AWS
      • AWS’s FedRAMP package covers AWS infrastructure and underlying management of services
      • Partner’s FedRAMP package includes inherited controls; shared controls documents partner’s application/service built on AWS
      • To support partners we can provide:
          – Partner FedRAMP package: ATO Letters, CIS spreadsheet, FIPS 199, etc.
          – SSP Template: Pre-populated with inherited control language, guidance on completing shared controls
          – ATO Letters as stand-alone documents
          – Support: Security Solutions Architects, Security Assurance Architects, Professional Services
  • 5. AWS Documentation Support
      • AWS Package is specific to the AWS Infrastructure
      • Partner’s Package is specific to the Partner’s Application or managed services
      • Inherited v. Shared Controls
  • 6. AWS DoD CSM Program
      • 2/6/14 Provisional Authorization for Levels 1-2
      • DISA-managed Cloud Security Model (CSM)
      • 70 additional control enhancements overlaid on FedRAMP Moderate
      • Partners have achieved MAC II Sensitive DIACAP ATOs
  • 7. Certifications & Compliance
      • AWS Environment
          – SOC 1/2/3
          – ISO 27001 Certification
          – Payment Card Industry Data Security Standard (PCI DSS) Level 1 Service Provider
          – FedRAMP (up to Moderate)
          – AWS GovCloud (US) – ITAR compliant region
      • Customers have deployed various compliant applications
          – Sarbanes-Oxley (SOX)
          – HIPAA (healthcare)
          – FISMA/FedRAMP (US Federal Government)
          – DIACAP – up to MAC II Sensitive
          – International Traffic in Arms Regulations (ITAR)
  • 8. Customer Resources
      • Whitepapers
          – Risk & Compliance Whitepaper
          – Overview of Security Processes
          – “Security at Scale” series
              • Governance in AWS
              • Logging in AWS
      • Template
          – FedRAMP SSP Template
      • Workbooks
          – FISMA-High
          – CJIS
  • 9. Other Compliance Programs
      • FISMA-High
          – Workbook available for partners under NDA
          – 84 additional control enhancements; 21 inherited, 54 shared, 9 customer
      • CJIS Workbook
          – Available under NDA
          – 121 security requirements; 10 inherited, 87 shared, and 24 customer-responsible requirements
      • Both are partner-based approaches to build a portfolio of authorizations
  • 10. AWS Compliance & Security Centers
      • Answers to many security and compliance questions
      • Security whitepaper
      • Risk and Compliance whitepaper
      • Overview of Security Processes whitepaper
      • “Security at Scale” whitepaper series
      • Security bulletins
      • Customer penetration testing requests
      • Security best practices
      • Request more information by contacting us
      aws.amazon.com/security
      aws.amazon.com/compliance
  • 11. Additional AWS Security & Compliance References
      • https://aws.amazon.com/security
      • https://aws.amazon.com/compliance
      • https://aws.amazon.com/compliance/#whitepapers
      • https://aws.amazon.com/compliance/fedramp-faqs
      • https://aws.amazon.com/govcloud-us
      • https://aws.amazon.com/documentation
      • https://aws.amazon.com/iam
      awscompliance@amazon.com
  • 12. Questions?
  • 13. Thank You
      Chris Gile, cgile@amazon.com