Getting Started with AWS Security
Ian Massingham — Technical Evangelist
ianmas@amazon.com
@IanMmmm
Getting Started with AWS Security
Architected to be one of the most flexible and secure cloud environments
Removes many of the security headaches that come with infrastructure
Built in Security Features
Agenda
Sharing the Security Responsibility
Overview of AWS Security Features
Verifying our Security
Useful Resources
Increasing your Security Posture in the Cloud
• AWS security approach
• Size of AWS security team
• Visibility into usage & resources
Broad Accreditations & Certifications
MPAA
ISO 27001 ISO 9001
Security Benefits from Community Network Effect
• Partner ecosystem
• Customer ecosystem
• Everyone benefits
SHARING THE SECURITY RESPONSIBILITY
Shared Security Model
• Shared Responsibility
– Let AWS do the heavy lifting
– Focus on what’s most valuable to your business
• AWS
– Facility operations
– Physical Security
– Physical Infrastructure
– Network Infrastructure
– Virtualisation Infrastructure
– Hardware lifecycle management
• Customer
– Choice of Guest OS
– Application Configuration Options
– Account Management flexibility
– Security Groups
– ACLs
– Identity Management
Shared Security Model: Infrastructure Services
Such as Amazon EC2, Amazon EBS, and Amazon VPC
Shared Security Model: Container Services
Such as Amazon RDS and Amazon EMR
Shared Security Model: Abstracted Services
Such as Amazon S3 and Amazon DynamoDB
AWS SECURITY FEATURES
SECURE ACCESS
API ENDPOINTS USE TLS
BUILT-IN FIREWALLS
YOU CONTROL ACCESS TO YOUR INSTANCES
ROLE-BASED ACCESS CONTROL
WITH FINE-GRAINED PERMISSIONS
MULTI-FACTOR AUTHENTICATION
BUILT IN
PRIVATE SUBNETS
WITHIN YOUR AWS VIRTUAL PRIVATE CLOUD
ENCRYPT YOUR DATA AT REST
USING AES 256 BIT ENCRYPTION KEYS
CLOUD HSM
A HIGHLY SECURE WAY TO STORE KEYS
DEDICATED CONNECTION
AN OPTION WITH AWS DIRECT CONNECT
SECURITY LOGS
AWS CLOUDTRAIL, AWS CONFIG & AMAZON CLOUDWATCH LOGS
TRUSTED ADVISOR
YOUR CUSTOMISED CLOUD EXPERT
VERIFYING OUR SECURITY
Compliance at AWS
AWS is Level 1 compliant under the Payment Card Industry (PCI) Data Security Standard (DSS). Customers can run applications on our PCI-compliant technology infrastructure for storing, processing, and transmitting credit card information in the cloud.
AWS is ISO 27001 certified under the International Organization for Standardization (ISO) 27001 standard. ISO 27001 is a widely-adopted global security standard that outlines the requirements for information security management systems.
Many other government and industry compliance requirements are also met by AWS. Find more at: aws.amazon.com/compliance
RESOURCES YOU CAN USE TO LEARN MORE
aws.amazon.com/security/
AWS Technical Documentation
blogs.aws.amazon.com/security
AWS Security White Papers
Introduction to AWS Security
Security at Scale: Governance in AWS
Security at Scale: Logging in AWS
AWS Security Best Practices
Securing Data at Rest with Encryption
AWS Security Whitepaper
aws.amazon.com/iam
aws.amazon.com/vpc
aws.amazon.com/kms
aws.amazon.com/config
aws.amazon.com/cloudtrail
aws.amazon.com/cloudhsm
aws.amazon.com/cloudwatch
aws.amazon.com/trustedadvisor
Follow us for more events & webinars
Ian Massingham — Technical Evangelist
@IanMmmm
@AWS_UKI for local AWS events & news
@AWScloud for Global AWS News &