Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Transformation Track AWS Cloud Experience Argentina - Principales Mitos de Seguridad en AWS

89 Aufrufe

Veröffentlicht am

Principales Mitos de Seguridad en AWS - AWS Cloud Experience Argentina

Veröffentlicht in: Technologie
  • Als Erste(r) kommentieren

  • Gehören Sie zu den Ersten, denen das gefällt!

Transformation Track AWS Cloud Experience Argentina - Principales Mitos de Seguridad en AWS

  1. 1. 2 0 1 9
  2. 2. Principales mitos de seguridad en AWS! Eliminados! M a r t i n D o m i n g u e z S o l u t i o n s A r c h i t e c t m p _ d o m i n g u e z J a v i e r O l i v o C l o u d S p e c i a l i s t M c A f e e
  4. 4. The three stages of cloud security curiosity General cloud security Specific service security Data security New to cloud and / or business teams Experienced in cloud and / or technology teams Advanced in cloud and / or risk teams
  5. 5. Cloud security Service security Part 1: General cloud security Data security
  6. 6. Myth 01 “La nube publica no es tan segura como mi infraestructura on-premises y no es tan segura como mi nube privada”
  7. 7. 01: AWS security of the cloud and in the cloud Visible AutomatedPhysical AWS’s global infrastructure is built to meet the requirements of the most security-sensitive organizations in the world
  8. 8. Myth 02 “Cuando ponga mis datos en la nube pierdo propiedad de ellos y talvez se muevan a traves de diferentes paises.”
  9. 9. 02: You own and control your content Access TraceabilityOwnership You retain ownership and control of your content, and you choose which region that content resides in
  10. 10. Myth 03 “Soy un negocio altamente regulado y no puedo usar la nube por mis requerimientos de cumplimiento legales.”
  11. 11. 03: AWS global compliance program Countries Enterprise agreement Certifications Our security assurance program meets or exceeds industry, country- specific, and global security requirements
  12. 12. Myth 04 “Mi negocio requiere datos personales confidenciales, no puedo usar la nube.”
  13. 13. 04: Using encryption on AWS AWS KMS High standardsUbiquitous AWS encryption services are integrated into dozens of our services and meet the strictest industry requirements
  14. 14. Myth 05 “Tengo requisitos para pruebas de seguridad, no puedo hacer esto en la nube.”
  15. 15. 05: Security testing on AWS Seek approval Or use pre-approved Shared responsibility AWS permits security testing of your resources in line with our acceptable usage policy, and we provide tools to help you
  16. 16. Cloud security Service security Data security Part 2: Specific service security
  17. 17. Myth 06 “Todos mis sistemas operativos son parchados automáticamente en la nube.”
  18. 18. 06: Patch management on AWS How we help Our responsibility Your responsibility You are responsible for patching operating systems that you manage. AWS is responsible for patching services that we manage
  19. 19. Myth 07 “No puedo usar la nube para almacenar datos confidenciales porque todos tendrán acceso a ellos.”
  20. 20. 07: How to secure data in Amazon Simple Storage Service (Amazon S3) Notify RespondProtect Amazon S3 and our other storage services are secure by default. Customers control who can access their data, and AWS provides multiple tools so you can understand how access is configured
  21. 21. Myth 08 “Escucho que las claves secretas son robadas, la forma en que ustedes otorgan el acceso no es seguro.”
  22. 22. 08: How to protect AWS credentials Amazon GuardDuty Multi-factor authentication AWS provides a number of tools to protect your identity and access credentials and to help you detect misuse Temporary access
  23. 23. Myth 09 “No puedo controlar la eliminación de mis datos y no puedo verificar que se hayan eliminado.”
  24. 24. 09: How AWS manages data deletion Physical ValidatedLogical When you delete your data we take multiple steps to wipe it and eventually destroy it. This process is validated by independent third parties
  25. 25. Myth 10 “Los servicios serverless no son seguros porque se comparten entre clientes.”
  26. 26. 10: How AWS protects serverless services Identity Limited surface When you use AWS’s serverless services you inherit the multiple layers of strong security controls that are built into our core services Building blocks
  27. 27. Cloud security Service security Data security Part 2: Specific service security
  28. 28. Myth 11 “El gobierno puede acceder a mis datos en cualquier momento.”
  29. 29. 11: How AWS manages information requests Notification EncryptionValid requests Amazon does not disclose customer information unless we’re required to do so to comply with a legally valid and binding order. Where we need to act publicly to protect customers, we do
  30. 30. Myth 12 “Un usuario malintencionado puede ver mis datos a través de su acceso administrativo compartido.”
  31. 31. 12: How AWS manages administrative access Process controls Technology controls AWS strictly controls our infrequent administrative access to services. This process has executive oversight within AWS and is validated by independent third parties Automation
  32. 32. Myth 13 “Es posible pasar por alto su tecnología de aislamiento y acceder a los datos de otra persona.”
  33. 33. 13: How AWS secures the hypervisor Experience AWS has over a decade of experience securing our virtualization technology. We provide a deep level of isolation within the cloud Customization & innovation Isolation
  34. 34. Cloud security Service security Data security Part 2: Specific service security
  35. 35. Security benefits of the AWS cloud Automate with deeply integrated security services Inherit global security and compliance controls Highest standards for privacy and data security Largest network of security partners and solutions Scale with superior visibility and control
  37. 37. ¡GRACIAS!