SlideShare ist ein Scribd-Unternehmen logo

Navigating GDPR Compliance on AWS

Amazon Web Services
Amazon Web Services

The General Data Protection Regulation (GDPR) becomes enforceable on May 25, 2018. Complying with GDPR can be challenging, but AWS can guide you through the process. This webinar is hosted by a GDPR compliance expert who will explain the automation mechanisms AWS offers its customers to help with their compliance programs. Specific GDPR articles will be matched to tooling, so knowledge of both will be helpful in understanding the material. A Q&A will follow.

1 von 33
Downloaden Sie, um offline zu lesen
AWS Webinar Navigating GDPR Compliance on AWS Christian Hesse Amazon Web Services
What is the GDPR?
What is the GDPR? • The "GDPR" is the General Data Protection Regulation, a significant new EU Data Protection Regulation • Introduces robust requirements that will raise and harmonize standards for data protection, security, and compliance across the EU • The GDPR is enforceable May 25th, 2018 and it replaces the EU Data Protection Directive (Directive 95/46/EC) • Territorial scope: Organisations established in the EU and Organisations without an EU presence who target or monitor EU individuals
Content vs. Personal Data Content = anything that a customer (or any end user) stores, or processes using AWS services, including: Software ǀ Data ǀ Text ǀ Audio ǀ Video Personal Data = information from which a living individual may be identified or identifiable (under EU data protection law) • Customer’s “content” might include “personal data”
What Else Comes With GDPR? Individuals have the right to a copy of all the personal data that controllers have regarding him or her. It also must be provided in a way that facilitates reuse.
What Else Comes With GDPR? This gives individuals the right to have certain personal data deleted so third parties can no longer trace them.
This helps to facilitate the inclusion of policies, guidelines, and work instructions related to data protection in the earliest stages of projects including personal data. What Else Comes With GDPR?
Controllers must report personal data breaches to the relevant supervisory authority within 72 hours. If there is a high risk to the rights and freedoms of data subjects, they must also notify the data subjects. What Else Comes With GDPR?
How AWS can help customers achieve GDPR compliance
Bringing it all together Data Subjects Customers are Controllers AWS as Processor Controllers and Processors have obligations under GDPR
Bringing it all together Data Subjects Customer as Processor AWS as Processor Controllers and Processors have obligations under GDPR Customer’s customer as Controller
Under GDPR Controllers and Processors are required to implement appropriate Technical and Organization Measures (“TOMs”) … (1) Pseudonymisation and encryption of personal data (2) Ensure ongoing confidentiality, integrity, availability, and resilience of processing systems and services (3) Ability to restore availability and access to personal data in a timely manner in the event of a physical or technical incident (4) Process for regularly testing, assessing, and evaluating the effectiveness of TOMs GDPR in practice: implementing TOMs
What AWS provides Tools and Services Compliance Framework Partner Network §§ Data Protection Terms§§
AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network & Firewall Configuration Customer content Customers AWS Shared Responsibility Model Customers are responsible for their security and compliance IN the Cloud AWS is responsible for the security OF the Cloud
GDPR is also a “shared responsibility” Legal Compliance (both controllers and processors) System Security and Data Protection by Design (both controllers and processors; AWS has tooling to help) Records of Processing Activities (both controllers and processors; AWS has tooling to help) Encryption (both controllers and processors; AWS has have tooling to help) Security of Personal Data (controller responsibility) Managing Data Subject Consent (controller responsibility) Managing Personal Data Deletion (both controllers and processors; AWS has tooling to help) Managing Personal Data Portability (controller responsibility)
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. N a v i g a t i n g G D P R C o m p l i a n c e w i t h A W S S e r v i c e s ‘Security of processing’‘Data protection by design and default’ ‘Records of processing activities’ Amazon Snowball Amazon Virtual Private Cloud (VPC) Amazon API Gateway AWS KMS AWS CloudHSM Server-side Encryption AWS Identity and Access Management SAML Federation Active Directory Integration AWS Service Catalog AWS CloudTrail AWS Config
The controller “shall implement appropriate technical and organizational measures for ensuring that, by default, only personal data which are necessary for each specific purpose of the processing are processed.” Multi factor authentication API-Request Authentication Temporary Access Tokens GDPR Compliance Tools
© 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR Access Control
© 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR Access Control
GDPR Compliance Tools “Each controller and, where applicable, the controller’s representative, shall maintain a record of processing activities under its responsibility.” CloudTrail Inspector Macie AWS Config
© 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR Monitoring and Logging
© 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR Amazon GuardDuty
GDPR Compliance Tools Organizations must “implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including the pseudonymisation and encryption of personal data.” Encryption of your data at rest with AES256 (EBS/S3/Glacier/RDS) Centralized (by Region) managed Key-Management (KMS) IPsec tunnels into AWS with the VPN-Gateways Dedicated HSM modules in the cloud with CloudHSM
© 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR Encryption
© 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR Amazon Key Management Service (KMS)
GDPR Compliance Tools Appropriate technical and organizational measures may need to include “the ability to ensure the ongoing confidentiality, integrity, availability, and resilience of the processing systems and services.” SOC 1 / SSAE 16 / ISAE 3402 (formerly SAS 70) / SOC 2 / SOC 3 PCI DSS Level 1 ISO 9001 / ISO 27001 / ISO 27017 / ISO 27018 FIPS 140-2 C5
AWS Foundation Services AWS Global Infrastructure Your own accreditation Meet your own security objectives Your own certifications Your own external audits Customer scope and effort is reduced Better results through focused efforts Built on AWS consistent baseline controls Customers GDPR Code of Conducts
GDPR – Codes of Conduct CISPE Code (Cloud Infrastructure Service Providers in Europe) The CISPE Code of Conduct : • An effective, easily accessed framework for complying with the EU’s GDPR • Excludes the re-use of customer data • Enables data storage and processing exclusively within the EU • Identifies cloud infrastructure services suitable for different types of data processing • Helps citizens to retain control of their personal and sensitive data • AWS CISPE certified • CISPE Code of Conduct in evaluation by Article 29 WP
AWS Marketplace: One stop shop for familiar tools
AWS Partner Network (APN) & GDPR Consulting Partners APN consulting partners can help your customers get ready for GDPR. Technology Partners APN technology partners offer security & identity solutions to help with GDPR. /
ProServe Offering Development: Technical Solution supporting Privacy-by-Design • SRC ProServe team is in discovery efforts to understand what our customers are seeking to learn with regard to GDPR. If you have anything you would like to share please reach out to the ProServe contacts below. • Current activities underway include: • Offering Development: Sales & Delivery Assets targeted for February (legal dependencies) • Partner Development: Working with some of our Partners to build/create go to market information. • Customer Engagement: Webinars are planned to support Venture Capital Business; if you are interested please reach out. • Security Summit/Lofts: Will be present to at several events to support customers onsite
© 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR
Thank You

Empfohlen

AWS Shared Responsibility Model and GDPR
AWS Shared Responsibility Model and GDPRAWS Shared Responsibility Model and GDPR
AWS Shared Responsibility Model and GDPRAmazon Web Services
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSAmazon Web Services
 
Real-Time Insights Lab and Lab Prep
Real-Time Insights Lab and Lab PrepReal-Time Insights Lab and Lab Prep
Real-Time Insights Lab and Lab PrepAmazon Web Services
 
Enabling Compliance with GDPR on AWS
Enabling Compliance with GDPR on AWSEnabling Compliance with GDPR on AWS
Enabling Compliance with GDPR on AWSAmazon Web Services
 
How to Implement a Well-Architected Security Solution.pdf
How to Implement a Well-Architected Security Solution.pdfHow to Implement a Well-Architected Security Solution.pdf
How to Implement a Well-Architected Security Solution.pdfAmazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
AWS-Vizalytics-March-2018 2.pdf
AWS-Vizalytics-March-2018 2.pdfAWS-Vizalytics-March-2018 2.pdf
AWS-Vizalytics-March-2018 2.pdfAmazon Web Services
 
Governance at Scale
Governance at Scale Governance at Scale
Governance at Scale Amazon Web Services
 

Empfohlen

AWS Shared Responsibility Model and GDPR
AWS Shared Responsibility Model and GDPRAWS Shared Responsibility Model and GDPR
AWS Shared Responsibility Model and GDPRAmazon Web Services
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSAmazon Web Services
 
Real-Time Insights Lab and Lab Prep
Real-Time Insights Lab and Lab PrepReal-Time Insights Lab and Lab Prep
Real-Time Insights Lab and Lab PrepAmazon Web Services
 
Enabling Compliance with GDPR on AWS
Enabling Compliance with GDPR on AWSEnabling Compliance with GDPR on AWS
Enabling Compliance with GDPR on AWSAmazon Web Services
 
How to Implement a Well-Architected Security Solution.pdf
How to Implement a Well-Architected Security Solution.pdfHow to Implement a Well-Architected Security Solution.pdf
How to Implement a Well-Architected Security Solution.pdfAmazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
AWS-Vizalytics-March-2018 2.pdf
AWS-Vizalytics-March-2018 2.pdfAWS-Vizalytics-March-2018 2.pdf
AWS-Vizalytics-March-2018 2.pdfAmazon Web Services
 
Governance at Scale
Governance at Scale Governance at Scale
Governance at Scale Amazon Web Services
 
Enabling Compliance with the GDPR on AWS
Enabling Compliance with the GDPR on AWSEnabling Compliance with the GDPR on AWS
Enabling Compliance with the GDPR on AWSAmazon Web Services
 
Enabling Compliance with GDPR on AWS.pdf
Enabling Compliance with GDPR on AWS.pdfEnabling Compliance with GDPR on AWS.pdf
Enabling Compliance with GDPR on AWS.pdfAmazon Web Services
 
Best Practices for Encrypting Data on AWS
Best Practices for Encrypting Data on AWSBest Practices for Encrypting Data on AWS
Best Practices for Encrypting Data on AWSAmazon Web Services
 
GDPR: Raising the Bar for Security & Compliance Across the EU
GDPR: Raising the Bar for Security & Compliance Across the EUGDPR: Raising the Bar for Security & Compliance Across the EU
GDPR: Raising the Bar for Security & Compliance Across the EUAmazon Web Services
 
Managing Security on AWS
Managing Security on AWSManaging Security on AWS
Managing Security on AWSAmazon Web Services
 
Navigating GDPR Compliance on AWS
Navigating GDPR Compliance on AWSNavigating GDPR Compliance on AWS
Navigating GDPR Compliance on AWSAmazon Web Services
 
GDPR and Automation Overview
GDPR and Automation OverviewGDPR and Automation Overview
GDPR and Automation OverviewAmazon Web Services
 
Security Architectures on AWS
Security Architectures on AWSSecurity Architectures on AWS
Security Architectures on AWSAmazon Web Services
 
AWS per la semplificazione del percorso di conformità al GDPR
AWS per la semplificazione del percorso di conformità al GDPRAWS per la semplificazione del percorso di conformità al GDPR
AWS per la semplificazione del percorso di conformità al GDPRAmazon Web Services
 
Impact of gdpr on cloud computing
Impact of gdpr on cloud computingImpact of gdpr on cloud computing
Impact of gdpr on cloud computingJackRichard17
 
Proteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSProteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
Navigating GDPR Compliance on AWS - AWS Online Tech Talks
Navigating GDPR Compliance on AWS - AWS Online Tech TalksNavigating GDPR Compliance on AWS - AWS Online Tech Talks
Navigating GDPR Compliance on AWS - AWS Online Tech TalksAmazon Web Services
 
SID303 Navigating GDPR Compliance on AWS
SID303 Navigating GDPR Compliance on AWS SID303 Navigating GDPR Compliance on AWS
SID303 Navigating GDPR Compliance on AWSAmazon Web Services
 
Enabling Compliance with EU Privacy Laws
Enabling Compliance with EU Privacy LawsEnabling Compliance with EU Privacy Laws
Enabling Compliance with EU Privacy LawsAmazon Web Services
 
Deep Dive - AWS Security by Design
Deep Dive - AWS Security by DesignDeep Dive - AWS Security by Design
Deep Dive - AWS Security by DesignAmazon Web Services
 
Building an Automated Security Fabric in AWS
Building an Automated Security Fabric in AWSBuilding an Automated Security Fabric in AWS
Building an Automated Security Fabric in AWSAmazon Web Services
 
The Perimeter Is Dead
The Perimeter Is DeadThe Perimeter Is Dead
The Perimeter Is DeadAmazon Web Services
 
AWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAmazon Web Services
 
Automating AWS security and compliance
Automating AWS security and compliance Automating AWS security and compliance
Automating AWS security and compliance John Varghese
 
Navigating GDPR Compliance on AWS
Navigating GDPR Compliance on AWSNavigating GDPR Compliance on AWS
Navigating GDPR Compliance on AWSAmazon Web Services
 
Accelerate your Cloud journey with security and compliance by design - Margo ...
Accelerate your Cloud journey with security and compliance by design - Margo ...Accelerate your Cloud journey with security and compliance by design - Margo ...
Accelerate your Cloud journey with security and compliance by design - Margo ...Net4All
 

Weitere ähnliche Inhalte

Was ist angesagt?

Enabling Compliance with the GDPR on AWS
Enabling Compliance with the GDPR on AWSEnabling Compliance with the GDPR on AWS
Enabling Compliance with the GDPR on AWSAmazon Web Services
 
Enabling Compliance with GDPR on AWS.pdf
Enabling Compliance with GDPR on AWS.pdfEnabling Compliance with GDPR on AWS.pdf
Enabling Compliance with GDPR on AWS.pdfAmazon Web Services
 
Best Practices for Encrypting Data on AWS
Best Practices for Encrypting Data on AWSBest Practices for Encrypting Data on AWS
Best Practices for Encrypting Data on AWSAmazon Web Services
 
GDPR: Raising the Bar for Security & Compliance Across the EU
GDPR: Raising the Bar for Security & Compliance Across the EUGDPR: Raising the Bar for Security & Compliance Across the EU
GDPR: Raising the Bar for Security & Compliance Across the EUAmazon Web Services
 
Navigating GDPR Compliance on AWS
Navigating GDPR Compliance on AWSNavigating GDPR Compliance on AWS
Navigating GDPR Compliance on AWSAmazon Web Services
 
AWS per la semplificazione del percorso di conformità al GDPR
AWS per la semplificazione del percorso di conformità al GDPRAWS per la semplificazione del percorso di conformità al GDPR
AWS per la semplificazione del percorso di conformità al GDPRAmazon Web Services
 
Impact of gdpr on cloud computing
Impact of gdpr on cloud computingImpact of gdpr on cloud computing
Impact of gdpr on cloud computingJackRichard17
 
Proteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSProteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSAmazon Web Services
 
Navigating GDPR Compliance on AWS - AWS Online Tech Talks
Navigating GDPR Compliance on AWS - AWS Online Tech TalksNavigating GDPR Compliance on AWS - AWS Online Tech Talks
Navigating GDPR Compliance on AWS - AWS Online Tech TalksAmazon Web Services
 
SID303 Navigating GDPR Compliance on AWS
SID303 Navigating GDPR Compliance on AWS SID303 Navigating GDPR Compliance on AWS
SID303 Navigating GDPR Compliance on AWSAmazon Web Services
 
Enabling Compliance with EU Privacy Laws
Enabling Compliance with EU Privacy LawsEnabling Compliance with EU Privacy Laws
Enabling Compliance with EU Privacy LawsAmazon Web Services
 
Deep Dive - AWS Security by Design
Deep Dive - AWS Security by DesignDeep Dive - AWS Security by Design
Deep Dive - AWS Security by DesignAmazon Web Services
 
Building an Automated Security Fabric in AWS
Building an Automated Security Fabric in AWSBuilding an Automated Security Fabric in AWS
Building an Automated Security Fabric in AWSAmazon Web Services
 
AWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAmazon Web Services
 
Automating AWS security and compliance
Automating AWS security and compliance Automating AWS security and compliance
Automating AWS security and compliance John Varghese
 

Was ist angesagt? (20)

Enabling Compliance with the GDPR on AWS
Enabling Compliance with the GDPR on AWSEnabling Compliance with the GDPR on AWS
Enabling Compliance with the GDPR on AWS
 
Enabling Compliance with GDPR on AWS.pdf
Enabling Compliance with GDPR on AWS.pdfEnabling Compliance with GDPR on AWS.pdf
Enabling Compliance with GDPR on AWS.pdf
 
Best Practices for Encrypting Data on AWS
Best Practices for Encrypting Data on AWSBest Practices for Encrypting Data on AWS
Best Practices for Encrypting Data on AWS
 
GDPR: Raising the Bar for Security & Compliance Across the EU
GDPR: Raising the Bar for Security & Compliance Across the EUGDPR: Raising the Bar for Security & Compliance Across the EU
GDPR: Raising the Bar for Security & Compliance Across the EU
 
Managing Security on AWS
Managing Security on AWSManaging Security on AWS
Managing Security on AWS
 
Navigating GDPR Compliance on AWS
Navigating GDPR Compliance on AWSNavigating GDPR Compliance on AWS
Navigating GDPR Compliance on AWS
 
GDPR and Automation Overview
GDPR and Automation OverviewGDPR and Automation Overview
GDPR and Automation Overview
 
Security Architectures on AWS
Security Architectures on AWSSecurity Architectures on AWS
Security Architectures on AWS
 
AWS per la semplificazione del percorso di conformità al GDPR
AWS per la semplificazione del percorso di conformità al GDPRAWS per la semplificazione del percorso di conformità al GDPR
AWS per la semplificazione del percorso di conformità al GDPR
 
Impact of gdpr on cloud computing
Impact of gdpr on cloud computingImpact of gdpr on cloud computing
Impact of gdpr on cloud computing
 
Proteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSProteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWS
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
Navigating GDPR Compliance on AWS - AWS Online Tech Talks
Navigating GDPR Compliance on AWS - AWS Online Tech TalksNavigating GDPR Compliance on AWS - AWS Online Tech Talks
Navigating GDPR Compliance on AWS - AWS Online Tech Talks
 
SID303 Navigating GDPR Compliance on AWS
SID303 Navigating GDPR Compliance on AWS SID303 Navigating GDPR Compliance on AWS
SID303 Navigating GDPR Compliance on AWS
 
Enabling Compliance with EU Privacy Laws
Enabling Compliance with EU Privacy LawsEnabling Compliance with EU Privacy Laws
Enabling Compliance with EU Privacy Laws
 
Deep Dive - AWS Security by Design
Deep Dive - AWS Security by DesignDeep Dive - AWS Security by Design
Deep Dive - AWS Security by Design
 
Building an Automated Security Fabric in AWS
Building an Automated Security Fabric in AWSBuilding an Automated Security Fabric in AWS
Building an Automated Security Fabric in AWS
 
The Perimeter Is Dead
The Perimeter Is DeadThe Perimeter Is Dead
The Perimeter Is Dead
 
AWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics Webinar
 
Automating AWS security and compliance
Automating AWS security and compliance Automating AWS security and compliance
Automating AWS security and compliance
 

Ähnlich wie Navigating GDPR Compliance on AWS

Navigating GDPR Compliance on AWS
Navigating GDPR Compliance on AWSNavigating GDPR Compliance on AWS
Navigating GDPR Compliance on AWSAmazon Web Services
 
Accelerate your Cloud journey with security and compliance by design - Margo ...
Accelerate your Cloud journey with security and compliance by design - Margo ...Accelerate your Cloud journey with security and compliance by design - Margo ...
Accelerate your Cloud journey with security and compliance by design - Margo ...Net4All
 
Navigating GDPR Compliance on AWS & Data Regulations in China
Navigating GDPR Compliance on AWS & Data Regulations in ChinaNavigating GDPR Compliance on AWS & Data Regulations in China
Navigating GDPR Compliance on AWS & Data Regulations in ChinaAmazon Web Services
 
Gdpr compliance on_aws
Gdpr compliance on_awsGdpr compliance on_aws
Gdpr compliance on_awssaifam
 
Modernizing Technology Governance
Modernizing Technology GovernanceModernizing Technology Governance
Modernizing Technology GovernanceAlert Logic
 
AWS Finland User Group Meetup 2017-05-23
AWS Finland User Group Meetup 2017-05-23AWS Finland User Group Meetup 2017-05-23
AWS Finland User Group Meetup 2017-05-23Rolf Koski
 
How to Choose a Cloud Service Provider?
How to Choose a Cloud Service Provider?How to Choose a Cloud Service Provider?
How to Choose a Cloud Service Provider?Marianne Harness
 
Security & Compliance in the cloud
Security & Compliance in the cloudSecurity & Compliance in the cloud
Security & Compliance in the cloudAmazon Web Services
 
Sicurezza e conformità al GDPR con AWS
Sicurezza e conformità al GDPR con AWSSicurezza e conformità al GDPR con AWS
Sicurezza e conformità al GDPR con AWSAmazon Web Services
 
Critical Hong Kong Banking, Securities and Insurance Workloads on the Cloud –...
Critical Hong Kong Banking, Securities and Insurance Workloads on the Cloud –...Critical Hong Kong Banking, Securities and Insurance Workloads on the Cloud –...
Critical Hong Kong Banking, Securities and Insurance Workloads on the Cloud –...Amazon Web Services
 
AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS Compliance
AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS ComplianceAWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS Compliance
AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS ComplianceAmazon Web Services
 
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS clouduAWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS clouduVladimir Simek
 
AWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & ComplianceAWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & ComplianceAmazon Web Services
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...Amazon Web Services
 

Ähnlich wie Navigating GDPR Compliance on AWS (20)

Navigating GDPR Compliance on AWS
Navigating GDPR Compliance on AWSNavigating GDPR Compliance on AWS
Navigating GDPR Compliance on AWS
 
Accelerate your Cloud journey with security and compliance by design - Margo ...
Accelerate your Cloud journey with security and compliance by design - Margo ...Accelerate your Cloud journey with security and compliance by design - Margo ...
Accelerate your Cloud journey with security and compliance by design - Margo ...
 
GDPR x AWS 導覽 (Level 200)
GDPR x AWS 導覽 (Level 200)GDPR x AWS 導覽 (Level 200)
GDPR x AWS 導覽 (Level 200)
 
Navigating GDPR Compliance on AWS & Data Regulations in China
Navigating GDPR Compliance on AWS & Data Regulations in ChinaNavigating GDPR Compliance on AWS & Data Regulations in China
Navigating GDPR Compliance on AWS & Data Regulations in China
 
Gdpr compliance on_aws
Gdpr compliance on_awsGdpr compliance on_aws
Gdpr compliance on_aws
 
Modernizing Technology Governance
Modernizing Technology GovernanceModernizing Technology Governance
Modernizing Technology Governance
 
AWS Finland User Group Meetup 2017-05-23
AWS Finland User Group Meetup 2017-05-23AWS Finland User Group Meetup 2017-05-23
AWS Finland User Group Meetup 2017-05-23
 
How to Choose a Cloud Service Provider?
How to Choose a Cloud Service Provider?How to Choose a Cloud Service Provider?
How to Choose a Cloud Service Provider?
 
Security & Compliance in the cloud
Security & Compliance in the cloudSecurity & Compliance in the cloud
Security & Compliance in the cloud
 
Sicurezza e conformità al GDPR con AWS
Sicurezza e conformità al GDPR con AWSSicurezza e conformità al GDPR con AWS
Sicurezza e conformità al GDPR con AWS
 
Security & Compliance
Security & ComplianceSecurity & Compliance
Security & Compliance
 
Critical Hong Kong Banking, Securities and Insurance Workloads on the Cloud –...
Critical Hong Kong Banking, Securities and Insurance Workloads on the Cloud –...Critical Hong Kong Banking, Securities and Insurance Workloads on the Cloud –...
Critical Hong Kong Banking, Securities and Insurance Workloads on the Cloud –...
 
AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS Compliance
AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS ComplianceAWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS Compliance
AWS FSI Symposium 2017 NYC- Shared Reponsibility & AWS Compliance
 
AWS - Security & Compliance
AWS - Security & ComplianceAWS - Security & Compliance
AWS - Security & Compliance
 
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS clouduAWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
 
Security and Compliance
Security and ComplianceSecurity and Compliance
Security and Compliance
 
AWS Security Hub
AWS Security HubAWS Security Hub
AWS Security Hub
 
AWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & ComplianceAWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & Compliance
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
 

Mehr von Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Mehr von Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Navigating GDPR Compliance on AWS

  • 1. AWS Webinar Navigating GDPR Compliance on AWS Christian Hesse Amazon Web Services
  • 2. What is the GDPR?
  • 3. What is the GDPR? • The "GDPR" is the General Data Protection Regulation, a significant new EU Data Protection Regulation • Introduces robust requirements that will raise and harmonize standards for data protection, security, and compliance across the EU • The GDPR is enforceable May 25th, 2018 and it replaces the EU Data Protection Directive (Directive 95/46/EC) • Territorial scope: Organisations established in the EU and Organisations without an EU presence who target or monitor EU individuals
  • 4. Content vs. Personal Data Content = anything that a customer (or any end user) stores, or processes using AWS services, including: Software ǀ Data ǀ Text ǀ Audio ǀ Video Personal Data = information from which a living individual may be identified or identifiable (under EU data protection law) • Customer’s “content” might include “personal data”
  • 5. What Else Comes With GDPR? Individuals have the right to a copy of all the personal data that controllers have regarding him or her. It also must be provided in a way that facilitates reuse.
  • 6. What Else Comes With GDPR? This gives individuals the right to have certain personal data deleted so third parties can no longer trace them.
  • 7. This helps to facilitate the inclusion of policies, guidelines, and work instructions related to data protection in the earliest stages of projects including personal data. What Else Comes With GDPR?
  • 8. Controllers must report personal data breaches to the relevant supervisory authority within 72 hours. If there is a high risk to the rights and freedoms of data subjects, they must also notify the data subjects. What Else Comes With GDPR?
  • 9. How AWS can help customers achieve GDPR compliance
  • 10. Bringing it all together Data Subjects Customers are Controllers AWS as Processor Controllers and Processors have obligations under GDPR
  • 11. Bringing it all together Data Subjects Customer as Processor AWS as Processor Controllers and Processors have obligations under GDPR Customer’s customer as Controller
  • 12. Under GDPR Controllers and Processors are required to implement appropriate Technical and Organization Measures (“TOMs”) … (1) Pseudonymisation and encryption of personal data (2) Ensure ongoing confidentiality, integrity, availability, and resilience of processing systems and services (3) Ability to restore availability and access to personal data in a timely manner in the event of a physical or technical incident (4) Process for regularly testing, assessing, and evaluating the effectiveness of TOMs GDPR in practice: implementing TOMs
  • 13. What AWS provides Tools and Services Compliance Framework Partner Network §§ Data Protection Terms§§
  • 14. AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network & Firewall Configuration Customer content Customers AWS Shared Responsibility Model Customers are responsible for their security and compliance IN the Cloud AWS is responsible for the security OF the Cloud
  • 15. GDPR is also a “shared responsibility” Legal Compliance (both controllers and processors) System Security and Data Protection by Design (both controllers and processors; AWS has tooling to help) Records of Processing Activities (both controllers and processors; AWS has tooling to help) Encryption (both controllers and processors; AWS has have tooling to help) Security of Personal Data (controller responsibility) Managing Data Subject Consent (controller responsibility) Managing Personal Data Deletion (both controllers and processors; AWS has tooling to help) Managing Personal Data Portability (controller responsibility)
  • 16. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. N a v i g a t i n g G D P R C o m p l i a n c e w i t h A W S S e r v i c e s ‘Security of processing’‘Data protection by design and default’ ‘Records of processing activities’ Amazon Snowball Amazon Virtual Private Cloud (VPC) Amazon API Gateway AWS KMS AWS CloudHSM Server-side Encryption AWS Identity and Access Management SAML Federation Active Directory Integration AWS Service Catalog AWS CloudTrail AWS Config
  • 17. The controller “shall implement appropriate technical and organizational measures for ensuring that, by default, only personal data which are necessary for each specific purpose of the processing are processed.” Multi factor authentication API-Request Authentication Temporary Access Tokens GDPR Compliance Tools
  • 18. © 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR Access Control
  • 19. © 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR Access Control
  • 20. GDPR Compliance Tools “Each controller and, where applicable, the controller’s representative, shall maintain a record of processing activities under its responsibility.” CloudTrail Inspector Macie AWS Config
  • 21. © 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR Monitoring and Logging
  • 22. © 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR Amazon GuardDuty
  • 23. GDPR Compliance Tools Organizations must “implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including the pseudonymisation and encryption of personal data.” Encryption of your data at rest with AES256 (EBS/S3/Glacier/RDS) Centralized (by Region) managed Key-Management (KMS) IPsec tunnels into AWS with the VPN-Gateways Dedicated HSM modules in the cloud with CloudHSM
  • 24. © 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR Encryption
  • 25. © 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR Amazon Key Management Service (KMS)
  • 26. GDPR Compliance Tools Appropriate technical and organizational measures may need to include “the ability to ensure the ongoing confidentiality, integrity, availability, and resilience of the processing systems and services.” SOC 1 / SSAE 16 / ISAE 3402 (formerly SAS 70) / SOC 2 / SOC 3 PCI DSS Level 1 ISO 9001 / ISO 27001 / ISO 27017 / ISO 27018 FIPS 140-2 C5
  • 27. AWS Foundation Services AWS Global Infrastructure Your own accreditation Meet your own security objectives Your own certifications Your own external audits Customer scope and effort is reduced Better results through focused efforts Built on AWS consistent baseline controls Customers GDPR Code of Conducts
  • 28. GDPR – Codes of Conduct CISPE Code (Cloud Infrastructure Service Providers in Europe) The CISPE Code of Conduct : • An effective, easily accessed framework for complying with the EU’s GDPR • Excludes the re-use of customer data • Enables data storage and processing exclusively within the EU • Identifies cloud infrastructure services suitable for different types of data processing • Helps citizens to retain control of their personal and sensitive data • AWS CISPE certified • CISPE Code of Conduct in evaluation by Article 29 WP
  • 29. AWS Marketplace: One stop shop for familiar tools
  • 30. AWS Partner Network (APN) & GDPR Consulting Partners APN consulting partners can help your customers get ready for GDPR. Technology Partners APN technology partners offer security & identity solutions to help with GDPR. /
  • 31. ProServe Offering Development: Technical Solution supporting Privacy-by-Design • SRC ProServe team is in discovery efforts to understand what our customers are seeking to learn with regard to GDPR. If you have anything you would like to share please reach out to the ProServe contacts below. • Current activities underway include: • Offering Development: Sales & Delivery Assets targeted for February (legal dependencies) • Partner Development: Working with some of our Partners to build/create go to market information. • Customer Engagement: Webinars are planned to support Venture Capital Business; if you are interested please reach out. • Security Summit/Lofts: Will be present to at several events to support customers onsite
  • 32. © 2018, Amazon Web Services, Inc. or Its Affiliates. All rights reserved. AWS & The GDPR