Winning Governance Strategies for the Technology Disruptions of our Time
ISACA South Florida Annual GRC Conference
June 22, 2018
Patrick Hannah, VP of Engineering, CloudHesive
About Me
• Who am I?
• What’s my background?
About CloudHesive
• Professional Services
– Assessment (Current environment, datacenter or cloud footprint)
– Strategy (Getting to the future state)
– Migration (Environment-to-cloud, Datacenter-to-cloud)
– Implementation (Point solutions)
– Support (Break/fix and ongoing enhancement)
• DevOps Services
– Assessment
– Strategy
– Implementation (Point solutions)
– Management (Supporting infrastructure, solutions or ongoing enhancement)
– Support (Break/fix and ongoing enhancement)
• Managed Security Services (SecOps)
– Encryption as a Service (EaaS) – encryption at rest and in flight
– End Point Security as a Service
– Threat Management
– SOC II Type 2 Validated
• Next Generation Managed Services
– Leveraging our Professional, DevOps and Managed Security Services
– Single payer billing
– Intelligent operations and automation
– AWS Audited
Agenda
• Disruptive technology history
• Challenges faced in GRC by disruptive technologies
• Brief introduction to AWS
• Introduction of Shared Responsibility models, specifically around Cloud Computing and AWS
• Overview of AWS Frameworks that can be leveraged by Security and Compliance teams for GRC with technology disruptors
• Overview of AWS Services that can be leveraged to support GRC on AWS
• Overview of AWS Reference Architectures that align to a number of Frameworks and leverage the previously referenced AWS Services
• Conclusion
Disruptive Technology History
• Then
– Storage
– Communications
– Computing
– Transportation
– Manufacturing
– Discrete Components
• Now
– Social
– Mobile
– Analytics/Big Data/AI
– Cloud
– Smart Things/IoT
– Blockchain
Challenges faced in GRC by disruptive technologies
• Endpoints
– From a single, non-network-connected computing device to multiple (desktops, laptops, tablets, mobile phones), mixed platforms
– Smart Appliances (Kitchen, TV, etc.), Consumer IoT (Smart Home, Alexa, Dash, etc.), Commercial/Industrial IoT (Environmental, Manufacturing, etc.), also mixed platforms
• Data
– Wider breadth of sources, formats, and technologies to ingest, process, store, retrieve, analyze and display
– Growth in the four v’s (volume, variety, velocity and veracity)
• Policy
– Attempting to apply legacy policies to disruptive technologies
– Looked at as not agile/slow to adopt disruptive technologies/slow to apply to disruptive technologies
• Shadow IT
– The nature of disruptive technologies supports the adoption of them by non-IT users
– Disruptive technologies tend to be enablers to avoid traditional methods of acquisition
Who is using AWS (US and Abroad)?
• Federal Government
• Government-Sponsored Enterprise
• State
• Local
• Higher Education
• K-12
• Non-Profit
• Private Sector
GovCloud
• Additional Assurance Programs Above and Beyond other AWS Regions
– ITAR
– FedRAMP ATO (High for GovCloud, Medium for us-east/west)
– DoD SRG (2,4,5 for GovCloud, 2 for us-east/west)
• General
– Separate Endpoints (utilize FIPS 140-2 approved cryptographic modules)
– Separate Namespace
– Separate Authentication (Tied to a non-GovCloud account for billing purposes - no Root Account)
– 46 of the 127 AWS Services Available (EC2 Classic not Available)
– US Citizen only Access
• Physical Location
– Northwestern US
– Eastern US (forthcoming)
AWS Shared Responsibility Model
Cloud Adoption Framework
• Perspectives
– Business
• Value Realization
– People
• Roles & Readiness
– Governance
• Prioritization & Control
– Platform
• Applications & Infrastructure
– Security
• Risk & Compliance
– Operations
• Manage & Scale
Well Architected Framework
• Operational Excellence
• Security
• Reliability
• Performance Efficiency
• Cost Optimization
General Design Principles
• Stop guessing your capacity needs
• Test systems at production scale
• Automate to make architectural experimentation easier
• Allow for evolutionary architectures
• Drive architectures using data
• Improve through game days
Operational Excellence
• Design Principles
– Perform operations as code
– Annotate documentation
– Make frequent, small, reversible changes
– Refine operations procedures frequently
– Anticipate failure
– Learn from all operational failures
• Best Practices
– Prepare
– Operate
– Evolve
Security
• Design Principles
– Implement a strong identity foundation
– Enable traceability
– Apply security at all layers
– Automate security best practices
– Protect data in transit and at rest
– Prepare for security events
• Best Practices
– Identity and Access Management
– Detective Controls
– Infrastructure Protection
– Data Protection
– Incident Response
Reliability
• Design Principles
– Test recovery procedures
– Automatically recover from failure
– Scale horizontally to increase aggregate system availability
– Stop guessing capacity
– Manage change in automation
• Best Practices
– Foundations
– Change Management
– Failure Management
Performance Efficiency
• Design Principles
– Democratize advanced technologies
– Go global in minutes
– Use serverless architectures
– Experiment more often
– Mechanical sympathy
• Best Practices
– Selection
– Review
– Monitoring
– Tradeoffs
Cost Optimization
• Design Principles
– Adopt a consumption model
– Measure overall efficiency
– Stop spending money on data center operations
– Analyze and attribute expenditure
– Use managed services to reduce cost of ownership
• Best Practices
– Cost-Effective Resources
– Matching Supply and Demand
– Expenditure Awareness
– Optimizing Over Time
Sample Implementation
• “NIST Quickstart”
• Based on Cybersecurity Framework, SP 800-53, SP 800-37
• Corresponding Guide + Controls Matrix
• CIS and PCI Variants Available
• Good starting point
Supporting Services
• VPC: Security Groups (Stateful Firewall) + NACLs (Stateless Firewall)
• VPC: Flow Logs (NetFlow)
• VPC: VGW (Point to Point and IPsec Connectivity) + Peering (VPC to VPC Connectivity) + Endpoints (Private Connectivity to AWS Services)
• VPC: NAT Gateway (Private to Public IP Address NAT’ing)
• EC2: Patch Manager (OS and above patching + auditing)
• EC2: Parameter Store (Secure Storage of Service Accounts)
Supporting Services
• S3/Glacier: File based storage with AAA, versioning, secure delete + policy based retention
• CodeCommit/ECS: Secure Application and Artifact Repository
• CodeDeploy/Run Command: “Hands off” OS and configuration management + application deployment
• CloudWatch Logs: OS and above log management
• CloudWatch Events + Lambda: Event triggered code
• CloudTrail: Audit Trail, Exportable as JSON to idempotent storage
Supporting Services
• Config: Point in time snapshots of configuration items, Exportable as JSON to idempotent storage
• OpsWorks + Elastic Beanstalk: “Hands off” infrastructure management
• CloudFormation: Infrastructure automation described as JSON/YAML, Version Controllable
• IAM + Directory Service + SSO: Standalone and Federated AAA
• KMS: FIPS 140-2 Certified cryptographic module with integration to various AWS services, provides expiration and ability to provide self-generated cryptographic material
• CloudHSM: FIPS 140-2 Certified cryptographic module with PKCS11 and JCE Interfaces
Supporting Services
• Certificate Manager: Secure Certificate Store
• Workspaces: Secure Bastion
• WAF: Layer 7 WAF
• Shield + AutoScaling + ELB + CloudFront: DoS/DDoS Protection
• Artifact: AWS Audit Reports available on demand
• Tags: Built-in asset + inventory marking and tracking on configuration items
• Service Catalog: Predefined configurations available to end users, can be integrated to ITSM system
Enforcement
• AWS
– GuardDuty
– Inspector
– Macie
– Trusted Advisor
– Config Rules
– Various “Widgets”
• Third Party
– CIS CAT
– CloudCheckr
– AlertLogic
– Tenable
Conclusion
• AWS provides a number of services to support your frameworks + controls, in addition to core infrastructure (server + storage) capabilities.
• AWS provides guidance (in the form of the CAF and WAF) for organizations which do not have an existing framework to base their cloud adoption model on.
• Getting started on AWS is easy; with the free tier, you can experiment with a number of services without incurring significant cost.
• Adoption of AWS in your organization can be as easy or as hard as you want to make it; start simple and iterate.
Recommended Reading
• AWS Well Architected Framework
– https://aws.amazon.com/architecture/well-architected/
• AWS Cloud Adoption Framework
– https://aws.amazon.com/professional-services/CAF/
• AWS Cloud Transformation Maturity Model
– https://d0.awsstatic.com/whitepapers/AWS-Cloud-Transformation-Maturity-Model.pdf
• Shared Responsibility Model
– https://aws.amazon.com/compliance/shared-responsibility-model/
• Operational Checklists for AWS
– https://d1.awsstatic.com/whitepapers/aws-operational-checklists.pdf
• Introduction to Auditing the Use of AWS
– https://d1.awsstatic.com/whitepapers/compliance/AWS_Auditing_Security_Checklist.pdf
Further Learning
• Getting Started: https://aws.amazon.com/getting-started
• General Reference: http://docs.aws.amazon.com/general/latest/gr
• Global Infrastructure: https://aws.amazon.com/about-aws/global-infrastructure/
• FAQs: https://aws.amazon.com/faqs
• Documentation: https://aws.amazon.com/documentation/
• Architecture: https://aws.amazon.com/architecture
• Whitepapers: https://aws.amazon.com/whitepapers
• Security: https://aws.amazon.com/security
• Blog: https://aws.amazon.com/blogs
• Service Specific Pages: https://aws.amazon.com/service
• AWS Answers: https://aws.amazon.com/answers/
• AWS Knowledge Center: https://aws.amazon.com/premiumsupport/knowledge-center/
• SlideShare: http://www.slideshare.net/AmazonWebServices
• Github: https://github.com/aws and https://github.com/awslabs
Further Learning – Security
• http://blogs.aws.amazon.com/security/post/Tx71TWXXJ3UI14/Enabling-Federation-to-AWS-using-Windows-Active-Directory-ADFS-and-SAML-2-0
• http://blogs.aws.amazon.com/security/post/Tx1LDN0UBGJJ26Q/How-to-Implement-Federated-API-and-CLI-Access-Using-SAML-2-0-and-AD-FS
• http://blogs.aws.amazon.com/security/post/Tx2KL0TCWFBBAB1/How-to-Use-a-Single-IAM-User-to-Easily-Access-All-Your-Accounts-by-Using-the-AWS
• http://blogs.aws.amazon.com/security/post/Tx1XWZ93EAFL9C4/How-to-Switch-Easily-Between-AWS-Accounts-by-Using-the-AWS-Management-Console-an
• http://blogs.aws.amazon.com/security/post/Tx4BUZIS3E2QG2/Make-a-New-Year-s-Resolution-Adhere-to-IAM-Best-Practices
• http://blogs.aws.amazon.com/security/post/TxASQFTVGZ5HMT/How-to-Receive-Alerts-When-Your-IAM-Configuration-Changes
• http://blogs.aws.amazon.com/security/post/Tx3PSPQSN8374D/How-to-Receive-Notifications-When-Your-AWS-Account-s-Root-Access-Keys-Are-Used
• http://blogs.aws.amazon.com/security/post/Tx3NVS2JAL7KWOM/How-to-Help-Prepare-for-DDoS-Attacks-by-Reducing-Your-Attack-Surface
• http://blogs.aws.amazon.com/security/post/Tx280RX2WH6WUD7/Remove-Unnecessary-Permissions-in-Your-IAM-Policies-by-Using-Service-Last-Access
• http://www.slideshare.net/AmazonWebServices/network-security-and-access-control-within-aws-54456790
• http://www.slideshare.net/AmazonWebServices/cloud-security-guidance-from-cesg-and-aws
Meetups
• Boca Raton: https://www.meetup.com/awsflorida/
• Doral: https://www.meetup.com/AWSUserGroupDoral/
• Fort Lauderdale: https://www.meetup.com/South-Florida-Amazon-Web-Services-Meetup/
• Jacksonville: https://www.meetup.com/AWS-User-Groups-of-Florida-Jacksonville/
• Miami: https://www.meetup.com/Miami-AWS-Users-Group/
• Miami Beach: https://www.meetup.com/aws-user-group-miami/
• Orlando: https://www.meetup.com/Orlando-AWS-Users-Group/
• Palm Beach Gardens: https://www.meetup.com/AWS-Users-Group-of-Florida-Palm-Beach-Gardens/
• Tampa: https://www.meetup.com/Tampa-AWS-Users-Group/
• Montevideo, Uruguay: https://www.meetup.com/Meetup-de-Amazon-Web-Services-AWS-en-Montevideo/
• Asuncion, Paraguay: https://www.meetup.com/Meetup-de-Amazon-Web-Services-en-Asuncion/
• South Florida Jenkins Area Meetup: https://www.meetup.com/South-Florida-Jenkins-Area-Meetup/

Modernize your contact center with ConnectPath CX v2.pdf
 
Modernize your contact center with ConnectPath CX — Chart.pdf
Modernize your contact center with ConnectPath CX — Chart.pdfModernize your contact center with ConnectPath CX — Chart.pdf
Modernize your contact center with ConnectPath CX — Chart.pdf
 
End User Computing at CloudHesive.pptx
End User Computing at CloudHesive.pptxEnd User Computing at CloudHesive.pptx
End User Computing at CloudHesive.pptx
 
Analytics at CloudHesive
Analytics at CloudHesiveAnalytics at CloudHesive
Analytics at CloudHesive
 
Supporting your CMMC initiatives with Sumo Logic
Supporting your CMMC initiatives with Sumo LogicSupporting your CMMC initiatives with Sumo Logic
Supporting your CMMC initiatives with Sumo Logic
 
Best Practices and Resources to Effectively Manage and Optimize Your AWS Costs
Best Practices and Resources to Effectively Manage and Optimize Your AWS CostsBest Practices and Resources to Effectively Manage and Optimize Your AWS Costs
Best Practices and Resources to Effectively Manage and Optimize Your AWS Costs
 
Serverless data and analytics on AWS for operations
Serverless data and analytics on AWS for operations Serverless data and analytics on AWS for operations
Serverless data and analytics on AWS for operations
 
reInvent reCap 2022
reInvent reCap 2022reInvent reCap 2022
reInvent reCap 2022
 
Serverless without Code (Lambda)
Serverless without Code (Lambda)Serverless without Code (Lambda)
Serverless without Code (Lambda)
 
AWS Advanced Analytics Automation Toolkit (AAA)
AWS Advanced Analytics Automation Toolkit (AAA)AWS Advanced Analytics Automation Toolkit (AAA)
AWS Advanced Analytics Automation Toolkit (AAA)
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control Tower
 
5 minutes on security
5 minutes on security5 minutes on security
5 minutes on security
 
Meetup Protect from Ransomware Attacks
Meetup Protect from Ransomware AttacksMeetup Protect from Ransomware Attacks
Meetup Protect from Ransomware Attacks
 
Amazon Connect Bootcamp
Amazon Connect BootcampAmazon Connect Bootcamp
Amazon Connect Bootcamp
 

Kürzlich hochgeladen

SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 

Kürzlich hochgeladen (20)

SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 


Editor's notes

  1. Certifications in CCSK, CCSP, ITIL. Experience with AWS, GovCloud, FedRAMP, specifically
  2. From Wiki: Disruptive innovation is an innovation that creates a new market and value network and eventually disrupts an existing market and value network, displacing established market-leading firms, products, and alliances
  3. AWS Public Sector Summit – June 20-21, 2018, Walter E. Washington Convention Center
  4. https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/
     https://aws.amazon.com/compliance/services-in-scope/
     See also C2S and Secret Region: https://aws.amazon.com/federal/us-intelligence-community/
  5. https://aws.amazon.com/quickstart/architecture/accelerator-nist/
     • NIST – Cybersecurity Framework, SP 800-53, SP 800-37
     • CIS – Benchmarks
     • CSA – CCM + CAIQ
     • Basic AWS Identity and Access Management (IAM) configuration with custom (IAM) policies, with associated groups, roles, and instance profiles.
     • Standard, external-facing Amazon Virtual Private Cloud (Amazon VPC) Multi-AZ architecture with separate subnets for different application tiers and private (back-end) subnets for application and database. The Multi-AZ architecture helps ensure high availability.
     • Amazon Simple Storage Service (Amazon S3) buckets for encrypted web content, logging, and backup data.
     • Standard Amazon VPC security groups for Amazon Elastic Compute Cloud (Amazon EC2) instances and load balancers used in the sample application stack. The security groups limit access to only necessary services.
     • Three-tier Linux web application using Auto Scaling and Elastic Load Balancing, which can be modified and/or bootstrapped with customer application.
     • A secured bastion login host to facilitate command-line Secure Shell (SSH) access to Amazon EC2 instances for troubleshooting and systems administration activities.
     • Encrypted, Multi-AZ Amazon Relational Database Service (Amazon RDS) MySQL database.
     • Logging, monitoring, and alerts using AWS CloudTrail, Amazon CloudWatch, and AWS Config rules (where available).
  6. In the next few slides I will detail some of the supporting services. A number of the AWS-published matrices detail the alignment of these services to specific controls; rather than read through a matrix, I thought it would help to explain what these services are and how they can help.