Security Essentials & Best Practices
|
|
- Felix Short
- 8 years ago
- Views:
Transcription
1 Security Essentials & Best Practices
2 Overview Overview of the AWS cloud security concepts such as the AWS security center, Shared Responsibility Model, and Identity and Access Management.
3 1 AWS Security Center
4 AWS Security Center Comprehensive securtiy portal to provide a variety of security notifications, information and documentation: Security Whitepapers Overview of Security Process AWS Risk and Compliance AWS Security Best Practices Security Resources Penetration Testing Vulnerability Reporting Report Suspicious s Security Bulletins
5 Security Resources and Blog AWS Security Resources Developer Information Articles + Tutorials Security Products Whitepapers Broad range of available security resources, training and tools: AWS Security Blog Subscribe to the AWS Security Blog to stay up-to-date on AWS security and compliance:
6 AWS Compliance List of compliance, assurance programs and resources: AWS Assurance Programs PCI DSS Level 1 SOC 1/ ISAE 3402 SOC 2 SOC 3 ISO 9001 IRAP FIPS MPAA HIPPA FedRAMP (SM) DoD CSM Levels 1-2,3-5 DIACAP and FISMA ISO MTCS Tier 3 ITAR CSA
7 2 Shared Responsibility Model
8 AWS Shared Responsibility Model Facilities Physical security Compute infrastructure Storage infrastructure Network infrastructure Virtualization layer (EC2) Hardened service endpoints Rich IAM capabilities Customer Network configuration Security groups + = OS firewalls Operating systems Applications Proper service configuration AuthN & acct management Authorization policies More secure and compliant systems than any one entity could achieve on its. own at scale Scope of responsibility depends on the type of service offered by AWS: Infrastructure, Container, Abstracted Services Understanding who is responsible for what is critical to ensuring your AWS data and systems are secure!
9 Shared Responsibility Model Customer Customer content Pla=orm, Applica3ons, Iden3ty & Access Management Opera3ng System, Network & Firewall Configura3on Customers are responsible for their security and compliance IN the Cloud Client- side Data Encryp3on Server- side Data Encryp3on Network Traffic Protec3on AWS AWS Founda+on Services Compute Storage Database Networking AWS Global Infrastructure Availability Zones Regions Edge Loca+ons AWS is responsible for the security OF the Cloud
10 Meet your own security objectives Customer Your own accredita3on Your own cer3fica3ons Your own external audits Customer scope and effort is reduced Better results through focused efforts AWS AWS Founda+on Services Compute Storage Database Networking AWS Global Infrastructure Availability Zones Regions Edge Loca+ons Built on AWS consistent baseline controls
11 AWS Responsibilities Physical Security of Data Center Amazon has been building large-scale data centers for many years. Important attributes: Non-descript facilities Robust perimeter controls Strictly controlled physical access Two or more levels of two-factor authentication Controlled, need-based access. All access is logged and reviewed. Separation of Duties Employees with physical access don t have logical privileges.
12 AWS Responsibilities EC2 Security Host operating system Individual SSH keyed logins via bastion host for AWS admins All accesses logged and audited Guest (a.k.a. Instance) operating system Customer controlled (customer owns root/admin) AWS admins cannot log in Customer-generated keypairs Stateful firewall Mandatory inbound firewall, default deny mode Customer controls configuration via Security Groups Network Security IP Spoofing prohibited at host OS level. Packet sniffing is ineffective (protected at hypervisor level). Unauthorized Port Scanning a violation of TOS and is detected/blocked. Inbound ports blocked by default.
13 AWS Responsibilities Configuration Management Most updates are done in such a manner that they will not impact the customer. Changes are authorized, logged, tested, approved, and documented. AWS will communicate with customers, either via , or through the AWS. Service Health Dashboard ( when there is a potential for service being affected. Built for Continuous Availability Scalable, fault tolerant services. All datacenters (AZs) are always on. No Disaster Recovery Datacenter Managed to the same standards Robust Internet connectivity Each AZ has redundant, Tier 1 ISP Service Providers Resilient network infrastructure
14 AWS Responsibilities Disk Management Proprietary disk management prevents customers from accessing each other s data. Disks wiped prior to use. Disks can be encrypted by the customer for additional security. Storage Device Decommissioning All storage devices go through process using techniques from: DoD M ( National Industrial Security Program Operating Manual ). NIST ( Guidelines for Media Sanitization ). Ultimately devices are: Degaussed. Physically destroyed.
15 3 Identity and Access Management
16 Identity Management Definitions Identity Management describes the management of individual principals, their authentication, authorization, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime and repetitive tasks. (Wikipedia)
17 Considerations for Layers of Principals Applications Identities: Application Users, Application Administrators Operating Systems Identities: Developers, DevOps and/or System Engineers Amazon Web Services Identities: Developers, DevOp Engineers, Testers, Software/Platform Interaction of AWS Identities: Provisioning/deprovisioning EC2 instances and EBS storage. Configuring Load Balancers. Accessing S3 Objects or data in DynamoDB. Accessing data in DynamoDB. Interacting with SQS queues. Sending SNS notifications.
18 AWS Principals Account Owner ID (Root Account) Access to all subscribed services. Access to billing. Access to console and APIs. Access to Customer Support. IAM Users, Groups and Roles Access to specific services. Access to console and/or APIs. Access to Customer Support (Business and Enterprise). Temporary Security Credentials Access to specific services. Access to console and/or APIs.
19 AWS Identity Authentication Authentication: How do we know you are who you say you are? Console API Username/ Password MFA Token (Recommended) Access/Secret Key(s) MFA Token (Optional) Signed URL (Token) Temporary Access/Secret Key(s) Note: It is recommended to delete Root Access Keys. AWS does not store/retain your Secret Keys.
20 AWS Authorization and Privileges Authorization: What are you allowed to do? Account Owner (Root) Privileged for all actions. Note: Always associate the account owner ID with an MFA device and store it in a secured place! IAM Policies Privileges defined at User and Resource Level
21 AWS IAM Hierarchy of Privileges Enforce principle of least privilege with Identity and Access Management (IAM) users, groups, and policies and temporary credentials. AWS Account Owner (Root) AWS IAM User Temporary Security Credentials Permissions Unrestricted access to all enabled services and resources. Access restricted by Group and User policies Access restricted by generating identity and further by policies used to generate token Example Action: * Effect: Allow Resource: * (implicit) Action: [ s3:*, sts:get* ] Effect: Allow Resource: * Action: [ s3:get* ] Effect: Allow Resource: arn:aws:s3:::mybucket/*
22 AWS Identity and Access Management (IAM) Securely control access to AWS services and resources for your users. Username/ User Manage groups of users Centralized Access Control Optional Configurations: Password for console access. Policies for controlling access AWS APIs. Two methods to sign API calls: X.509 certificate Access/Secret Keys Multi-factor Authentication (MFA)
23 Identity and Access Management Common approaches for Applications and Operating Systems Local User Databases Local Password (passwd) files. Local Windows administrator accounts. User Databases. User DB LDAP Directories: On-premise accessed over VPN. Replicated to AWS (read-only or read/write). Federated (one-way trusts, ADFS). Managed Samba-based directories via AWS Directory Services. AWS Directory Service Domain Controller
24 AWS Directory Service Managed service for Active Directory Existing Corporate Credentials AWS-based Applications AWS Management Console via IAM Roles Directories Supported AD Connector: Connect to your on-premise Active Directory. Simple AD: AWS-based managed directory compatible w/ Active Directory.
25 4 Encryption
26 Encryption. Protecting data in-transit and at-rest. Encryption In-Transit HTTPS SSH SSL/TLS VPN Object Encryption At-Rest Object Database Filesystem Disk Details about encryption can be found in the AWS Whitepaper, Securing Data at Rest with Encryption.
27 Encryption Data at Rest Volume Encryption EBS Encryption Filesystem Tools AWS Marketplace/ Partner EBS Object Encryption S3 Server Side Encryption (SSE) S3 SSE w/ Customer Provided Keys Client-Side Encryption Database Encryption RDS MSSQL TDE RDS ORACLE TDE/HSM RDS MYSQL KMS RDS PostgreSQL KMS Redshift Encryption
28 AWS Key Management Service Managed service to securely create, control, rotate, and use encryption keys. Customer Master Key(s) Centralized Key Management for use with AWS: EBS S3 Redshift AWS SDK Data Key 1 Data Key 2 Data Key 3 Data Key 4 AWS CloudTrail Amazon S3 Object Details about security controls can be found in the AWS Whitepaper: KMS Cryptographic Details. Amazon EBS Volume Amazon Redshift Cluster
29 AWS CloudHSM Help meet compliance requirements for data security by using a dedicated Hardware Security Module appliance with AWS. CloudHSM Appliance Details: Customer Keys Crypto Operations VPC AWS Administrator manages the appliance AWS Management Monitoring Data Center SafeNet Luna HSM AWS CloudHSM You control keys and crypto operations Amazon Virtual Private Cloud
30 5 Configuration Management
31 AWS CloudTrail Web service that records AWS API calls for your account and delivers logs. Console AWS SDK CLI CloudTrail S3 AWS Partner Network CloudSearch EMR/Redshift
32 AWS CloudWatch Monitoring services for AWS Resources and AWS-based Applications. EC2 Collect and Track Metrics Custom ELB EMR Route 53 SNS EBS SQS AutoScaling EBS Billing RDS Storage Gateway CloudFront DynamoDB ElastiCache Monitor and Store Logs Set Alarms View Graphs and Statistics
33 AWS Service Catalog Self-service portal for creating and managing resources in AWS. Pre-Announced Administrator Portfolio w/permissions Create CloudFormation Template Notifications Product Service Catalog Product A Portfolio Product B Deployed Stack(s) Browse Products Launch Products Notifications End Users Create and manage approved catalogs of resources. End users browse and launch products via self-service portal. Control user access to applications or AWS resources per compliance needs. Extensible via API to existing self-service frameworks.
34 AWS Config *Preview Managed service for tracking AWS inventory and configuration, and configuration change notification. AWS Config EC2 EBS VPC CloudTrail Security Analysis Audit Compliance Change Management Troubleshooting Discovery
35 6 Security Best Practices
36 AWS Trusted Advisor Leverage Trusted Advisor to analyze your AWS resources for best practices for availability, cost, performance and security. Fault Tolerance Performance Cost Optimization Security Security Groups Specific Ports CloudTrail Logging S3 Bucket Permissions Free Tier IAM Use IAM Password Policy RDS Security Group Access MFA on Root CloudSearch Route53
37 AWS Shared Responsibility Model Understand compliance and security responsibilities for AWS Resources. Facilities Operations Guest Operating System Amazon Web Services Infrastructure Physical Security Physical Network Virtual Customer Configuration Application Security Group Access Control List Identity Management HW Lifecycle Management Access Management
38 Identity Access Management Create appropriate principles, authorization and privileges for AWS Resources. AWS Identify and Access Management Multi-Factor Authentication User User User Hardware Virtual Groups Roles Policies Principle of Least Privilege IAM AWS Administrative Users Root Account Note: Always associate the account owner ID with an MFA device and store it in a secured place!
39 Enforce consistent security on your hosts Configure and harden EC2 instances based on security and compliance needs. Host-based Protection Software Restrict Access Where Possible Connect to Existing Services User administration Whitelisting and integrity Malware and HIPS Vulnerability management Audit and logging Hardening Operating system AMI catalog Launch instance EC2 Running instance Configure instance Your instance
40 Defense-in-Depth Physical Network AWS Compliance Program Third Party Attestations Security Groups VPC Configuration Web Application Firewalls Bastion Hosts Encryption In-Transit DATA System Security Data Security Hardened AMIs OS and App Patch Mgmt. IAM Roles for EC2 IAM Credentials Logical Access Controls User Authentication Encryption At-Rest
41 ? Questions
Simone Brunozzi, AWS Technology Evangelist, APAC. Fortress in the Cloud
Simone Brunozzi, AWS Technology Evangelist, APAC Fortress in the Cloud AWS Cloud Security Model Overview Certifications & Accreditations Sarbanes-Oxley (SOX) compliance ISO 27001 Certification PCI DSS
More informationNetop Environment Security. Unified security to all Netop products while leveraging the benefits of cloud computing
Netop Environment Security Unified security to all Netop products while leveraging the benefits of cloud computing Contents Introduction... 2 AWS Infrastructure Security... 3 Standards - Compliancy...
More informationApplication Security Best Practices. Matt Tavis Principal Solutions Architect
Application Security Best Practices Matt Tavis Principal Solutions Architect Application Security Best Practices is a Complex topic! Design scalable and fault tolerant applications See Architecting for
More informationAWS Security. Security is Job Zero! CJ Moses Deputy Chief Information Security Officer. AWS Gov Cloud Summit II
AWS Security CJ Moses Deputy Chief Information Security Officer Security is Job Zero! Overview Security Resources Certifications Physical Security Network security Geo-diversity and Fault Tolerance GovCloud
More informationCloud S ecurity Security Processes & Practices Jinesh Varia
Cloud Security Processes & Practices Jinesh Varia Overview Certifications Physical Security Backups EC2 Security S3 Security SimpleDB Security SQS Security Best Practices AWS Security White Paper Available
More informationFamly ApS: Overview of Security Processes
Famly ApS: Overview of Security Processes October 2015 Please consult http://famly.co for the latest version of this paper Page 1 of 10 Table of Contents 1. INTRODUCTION TO SECURITY AT FAMLY... 3 2. PHYSICAL
More informationHow To Use Aws.Com
Crypto-Options on AWS Bertram Dorn Specialized Solutions Architect Security/Compliance Network/Databases Amazon Web Services Germany GmbH Amazon.com, Inc. and its affiliates. All rights reserved. Agenda
More informationCLOUD COMPUTING WITH AWS An INTRODUCTION. John Hildebrandt Solutions Architect ANZ
CLOUD COMPUTING WITH AWS An INTRODUCTION John Hildebrandt Solutions Architect ANZ AGENDA Todays Agenda Background and Value proposition of AWS Global infrastructure and the Sydney Region AWS services Drupal
More information319 MANAGED HOSTING TECHNICAL DETAILS
319 MANAGED HOSTING TECHNICAL DETAILS 319 NetWorks www.319networks.com Table of Contents Architecture... 4 319 Platform... 5 319 Applications... 5 319 Network Stack... 5 319 Cloud Hosting Technical Details...
More informationAmazon Web Services: Overview of Security Processes August 2015
Amazon Web Services: Overview of Security Processes August 2015 (Please consult http://aws.amazon.com/security/ for the latest version of this paper) Page 1 of 75 Table of Contents Introduction... 5 Shared
More informationAmazon Web Services: Overview of Security Processes May 2011
Amazon Web Services: Overview of Security Processes May 2011 (Please consult http://aws.amazon.com/security for the latest version of this paper) 1 Amazon Web Services (AWS) delivers a scalable cloud computing
More informationAmazon Web Services: Overview of Security Processes August 2015
Amazon Web Services: Overview of Security Processes August 2015 (Please consult http://aws.amazon.com/security/ for the latest version of this paper) Page 1 of 75 Table of Contents Introduction... 5 Shared
More informationAmazon Web Services: Overview of Security Processes June 2014
Amazon Web Services: Overview of Security Processes June 2014 (Please consult http://aws.amazon.com/security/ for the latest version of this paper) Page 1 of 68 Table of Contents Shared Responsibility
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility
More informationUsing ArcGIS for Server in the Amazon Cloud
Federal GIS Conference February 9 10, 2015 Washington, DC Using ArcGIS for Server in the Amazon Cloud Bonnie Stayer, Esri Amy Ramsdell, Blue Raster Session Outline AWS Overview ArcGIS in AWS Cloud Builder
More informationAmazon Web Services: Overview of Security Processes March 2013
Amazon Web Services: Overview of Security Processes March 2013 (Please consult http://aws.amazon.com/security/ for the latest version of this paper) Page 1 of 48 Table of Contents Shared Responsibility
More informationBuilding Energy Security Framework
Building Energy Security Framework Philosophy, Design, and Implementation Building Energy manages multiple subsets of customer data. Customers have strict requirements for regulatory compliance, privacy
More informationAWS Directory Service. Simple AD Administration Guide Version 1.0
AWS Directory Service Simple AD Administration Guide AWS Directory Service: Simple AD Administration Guide Copyright 2015 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's
More informationHow To Protect Your Data From Harm
Introduction to Auditing the Use of AWS October 2015 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents
More informationLive Guide System Architecture and Security TECHNICAL ARTICLE
Live Guide System Architecture and Security TECHNICAL ARTICLE Contents 1. Introduction... 2 2. Hosting Environment... 2 2.1. Standards - Compliancy... 3 2.2. Business Continuity Management... 3 2.3. Network
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
SOLUTION BRIEF PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP The benefits of cloud computing are clear and compelling: no upfront investment, low ongoing costs, flexible capacity and fast application
More informationKeyLock Solutions Security and Privacy Protection Practices
KeyLock Solutions Overview KeyLock Solutions hosts its infrastructure at Heroku. Heroku is a cloud application platform used by organizations of all sizes to deploy and operate applications throughout
More informationPATCH MANAGER what does it do?
PATCH MANAGER what does it do? PATCH MANAGER SAAS maps all your physical assets and physical infrastructure such as network and power cabling, racks, servers, switches, UPS and generators. It provides
More informationAIST Data Symposium. Ed Lenta. Managing Director, ANZ Amazon Web Services
AIST Data Symposium Ed Lenta Managing Director, ANZ Amazon Web Services Why are companies adopting cloud computing and AWS so quickly? #1: Agility The primary reason businesses are moving so quickly to
More informationService Organization Controls 3 Report
Service Organization Controls 3 Report Report on the Amazon Web Services System Relevant to Security and Availability For the Period April 1, 2015 September 30, 2015 Ernst & Young LLP Suite 1600 560 Mission
More informationAlfresco Enterprise on AWS: Reference Architecture
Alfresco Enterprise on AWS: Reference Architecture October 2013 (Please consult http://aws.amazon.com/whitepapers/ for the latest version of this paper) Page 1 of 13 Abstract Amazon Web Services (AWS)
More informationTECHNOLOGY WHITE PAPER Jun 2012
TECHNOLOGY WHITE PAPER Jun 2012 Technology Stack C# Windows Server 2008 PHP Amazon Web Services (AWS) Route 53 Elastic Load Balancing (ELB) Elastic Compute Cloud (EC2) Amazon RDS Amazon S3 Elasticache
More informationTECHNOLOGY WHITE PAPER Jan 2016
TECHNOLOGY WHITE PAPER Jan 2016 Technology Stack C# PHP Amazon Web Services (AWS) Route 53 Elastic Load Balancing (ELB) Elastic Compute Cloud (EC2) Amazon RDS Amazon S3 Elasticache CloudWatch Paypal Overview
More informationExpand Your Infrastructure with the Elastic Cloud. Mark Ryland Chief Solutions Architect Jenn Steele Product Marketing Manager
Expand Your Infrastructure with the Elastic Cloud Mark Ryland Chief Solutions Architect Jenn Steele Product Marketing Manager Today we re going to talk about The Cloud Scenarios Questions You Probably
More informationIntroduction to AWS in Higher Ed
Introduction to AWS in Higher Ed Lori Clithero loricli@amazon.com 206.227.5054 University of Washington Cloud Day 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. 2 Cloud democratizes
More informationAWS Security Best Practices
AWS Security Best Practices Dob Todorov Yinal Ozkan November 2013 (Please consult http://aws.amazon.com/security for the latest version of this paper) Page 1 of 56 Table of Contents Abstract... 4 Overview...
More informationDoD-Compliant Implementations in the AWS Cloud
DoD-Compliant Implementations in the AWS Cloud Reference Architectures Paul Bockelman Andrew McDermott April 2015 Contents Contents 2 Abstract 3 Introduction 3 Getting Started 4 Shared Responsibilities
More informationAWS Security & Compliance
AWS Public Sector Jerusalem 19 Nov 2014 AWS Security & Compliance CJ Moses General Manager, Government Cloud Solu3ons Security Is Our No.1 Priority Comprehensive Security Capabilities to Support Virtually
More informationUsing ArcGIS for Server in the Amazon Cloud
Using ArcGIS for Server in the Amazon Cloud Randall Williams, Esri Subrat Bora, Esri Esri UC 2014 Technical Workshop Agenda What is ArcGIS for Server on Amazon Web Services Sounds good! How much does it
More informationSecuring Amazon It s a Jungle Out There
ANALYST BRIEF Securing Amazon It s a Jungle Out There PART 1 CONTROLS AND OPTIONS OFFERED BY AMAZON Author Rob Ayoub Overview Infrastructure as a service (IaaS) is a foundational component of modern cloud
More informationPega as a Service. Kim Singletary, Dir. Product Marketing Cloud Matt Yanchyshyn, Sr. Mgr., AWS Solutions Architect
1 Pega as a Service Kim Singletary, Dir. Product Marketing Cloud Matt Yanchyshyn, Sr. Mgr., AWS Solutions Architect This information is not a commitment, promise or legal obligation to deliver any material,
More informationPrimex Wireless OneVue Architecture Statement
Primex Wireless OneVue Architecture Statement Secure, cloud-based workflow, alert, and notification platform built on top of Amazon Web Services (AWS) 2015 Primex Wireless, Inc. The Primex logo is a registered
More informationCloud Security Overview
UT DALLAS Erik Jonsson School of Engineering & Computer Science Cloud Security Overview Murat Kantarcioglu Outline Current cloud security techniques Amazon Web services Microsoft Azure Cloud Security Challengers
More informationAmazon Web Services: Risk and Compliance July 2015
Amazon Web Services: Risk and Compliance July 2015 (Consult http://aws.amazon.com/compliance/aws-whitepapers/ for the latest version of this paper) Page 1 of 128 This document is intended to provide information
More informationU.S. Securities and Exchange Commission s Office of Compliance Inspections and Examinations (OCIE)
Amazon Web Services SEC (OCIE) Workbook May 2015 U.S. Securities and Exchange Commission s Office of Compliance Inspections and Examinations (OCIE) CYBERSECURITY INITIATIVE Workbook Page 1 of 28 Amazon
More informationEEDC. Scalability Study of web apps in AWS. Execution Environments for Distributed Computing
EEDC Execution Environments for Distributed Computing 34330 Master in Computer Architecture, Networks and Systems - CANS Scalability Study of web apps in AWS Sergio Mendoza sergio.mendoza@est.fib.upc.edu
More informationThing Big: How to Scale Your Own Internet of Things. Walter'Pernstecher'-'pernstec@amazon.de' Dr.'Markus'Schmidberger'-'schmidbe@amazon.
Thing Big: How to Scale Your Own Internet of Things Walter'Pernstecher'-'pernstec@amazon.de' Dr.'Markus'Schmidberger'-'schmidbe@amazon.de' Internet of Things is the network of physical objects or "things"
More informationSecurity Practices, Architecture and Technologies
Security Practices, Architecture and Technologies CONTACT: 36 S. Wall Street Columbus, OH 43215 1-800-VAB-0300 www.viewabill.com 1 CONTENTS End-to-End Security Processes and Technologies... 3 Secure Architecture...
More informationRunning Oracle Applications on AWS
Running Oracle Applications on AWS Bharath Terala Sr. Principal Consultant Apps Associates LLC June 09, 2014 Copyright 2014. Apps Associates LLC. 1 Agenda About the Presenter About Apps Associates LLC
More informationService Organization Controls 3 Report
Service Organization Controls 3 Report Report on the Amazon Web Services System Relevant to Security For the Period April 1, 2013 March 31, 2014 Ernst & Young LLP Suite 1600 560 Mission Street San Francisco,
More informationEncrypting Data at Rest
Encrypting Data at Rest Ken Beer Ryan Holland November 2014 Contents Contents Abstract Introduction The Key to Encryption: Who Controls the Keys? Model A: You control the encryption method and the entire
More informationVIEWABILL. Cloud Security and Operational Architecture. featuring RUBY ON RAILS
VIEWABILL Cloud Security and Operational Architecture featuring RUBY ON RAILS VAB_CloudSecurity V1 : May 2014 Overview The Viewabill.com cloud is a highly-secure, scalable and redundant solution that enables
More informationSECURITY IS JOB ZERO. Security The Forefront For Any Online Business Bill Murray Director AWS Security Programs
SECURITY IS JOB ZERO Security The Forefront For Any Online Business Bill Murray Director AWS Security Programs Security is Job Zero Physical Security Network Security Platform Security People & Procedures
More informationIntroduction to DevOps on AWS
Introduction to DevOps on AWS David Chapman December 2014 Contents Contents Abstract Introduction Agile Evolution to DevOps Infrastructure as Code AWS CloudFormation AWS AMI Continuous Deployment AWS CodeDeploy
More informationBest Practices for Security and Compliance with Amazon Web Services. A Trend Micro White Paper I April 2013
Best Practices for Security and Compliance with Amazon Web Services A Trend Micro White Paper I April 2013 Contents Executive Summary...2 Defining Cloud Computing...2 SERVICE MODELS...3 DEPLOYMENT MODELS...5
More informationOverview and Deployment Guide. Sophos UTM on AWS
Overview and Deployment Guide Sophos UTM on AWS Overview and Deployment Guide Document date: November 2014 1 Sophos UTM and AWS Contents 1 Amazon Web Services... 4 1.1 AMI (Amazon Machine Image)... 4 1.2
More informationCloud models and compliance requirements which is right for you?
Cloud models and compliance requirements which is right for you? Bill Franklin, Director, Coalfire Stephanie Tayengco, VP of Technical Operations, Logicworks March 17, 2015 Speaker Introduction Bill Franklin,
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationDeploy XenApp 7.5 and 7.6 and XenDesktop 7.5 and 7.6 with Amazon VPC
XenApp 7.5 and 7.6 and XenDesktop 7.5 and 7.6 Deploy XenApp 7.5 and 7.6 and XenDesktop 7.5 and 7.6 with Amazon VPC Prepared by: Peter Bats Commissioning Editor: Linda Belliveau Version: 5.0 Last Updated:
More informationAmazon WorkDocs. Administration Guide Version 1.0
Amazon WorkDocs Administration Guide Amazon WorkDocs: Administration Guide Copyright 2015 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not
More informationAWS alignment with the Australian Signals Directorate (ASD) Cloud Computing Security Considerations
AWS alignment with the Australian Signals Directorate (ASD) Cloud Computing Security Considerations The Cloud Computing Security Considerations was created to assist agencies in performing a risk assessment
More informationTable of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.
FME Cloud Security Table of Contents FME Cloud Architecture Overview Secure Operations I. Backup II. Data Governance and Privacy III. Destruction of Data IV. Incident Reporting V. Development VI. Customer
More informationSecurity Document. Issued April 2014 Updated October 2014 Updated May 2015
Security Document Issued April 2014 Updated October 2014 Updated May 2015 Table of Contents Issued April 2014... 1 Updated October 2014... 1 Updated May 2015... 1 State-of-the-art Security for Legal Data...
More informationAnypoint Platform Cloud Security and Compliance. Whitepaper
Anypoint Platform Cloud Security and Compliance Whitepaper 1 Overview Security is a top concern when evaluating cloud services, whether it be physical, network, infrastructure, platform or data security.
More informationEnterprise Cloud Computing with AWS. for internal partner use only
Enterprise Cloud Computing with AWS for internal partner use only How did Amazon Get into Cloud Computing? On-Premise Infrastructure is Costly & Complex Large Capital Expenditures Patching Software Scaling
More informationLogentries Insights: The State of Log Management & Analytics for AWS
Logentries Insights: The State of Log Management & Analytics for AWS Trevor Parsons Ph.D Co-founder & Chief Scientist Logentries 1 1. Introduction The Log Management industry was traditionally driven by
More informationUTILIZING CLOUDCHECKR FOR SECURITY
UTILIZING CLOUDCHECKR FOR SECURITY A guide to security in your AWS Environment Abstract This document outlines steps to properly secure your AWS environment using CloudCheckr. We cover CloudCheckr use
More informationAutodesk PLM 360 Security Whitepaper
Autodesk PLM 360 Autodesk PLM 360 Security Whitepaper May 1, 2015 trust.autodesk.com Contents Introduction... 1 Document Purpose... 1 Cloud Operations... 1 High Availability... 1 Physical Infrastructure
More informationDLT Solutions and Amazon Web Services
DLT Solutions and Amazon Web Services For a seamless, cost-effective migration to the cloud PREMIER CONSULTING PARTNER DLT Solutions 2411 Dulles Corner Park, Suite 800 Herndon, VA 20171 Duane Thorpe Phone:
More informationIntrusion Detection in the Cloud
Intrusion Detection in the Cloud Greg Roth, AWS Identity & Access Management Don Bailey, AWS Security November 14 th, 2013 2013 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied,
More informationIntroduction to Amazon Web Services! Leo Zhadanovsky! @leozh leo@amazon.com! Senior Solutions Architect
Introduction to Amazon Web Services! Leo Zhadanovsky! @leozh leo@amazon.com! Senior Solutions Architect AWS HISTORY About How didamazon Amazon Web Services! Deep experience in building and operating global
More informationwww.boost ur skills.com
www.boost ur skills.com AWS CLOUD COMPUTING WORKSHOP Write us at training@boosturskills.com BOOSTURSKILLS No 1736 1st Amrutha College Road Kasavanhalli,Off Sarjapur Road,Bangalore-35 1) Introduction &
More informationScalable Application. Mikalai Alimenkou http://xpinjection.com 11.05.2012
Scalable Application Development on AWS Mikalai Alimenkou http://xpinjection.com 11.05.2012 Background Java Technical Lead/Scrum Master at Zoral Labs 7+ years in software development 5+ years of working
More informationAWS Account Management Guidance
AWS Account Management Guidance Introduction Security is a top priority at AWS. Every service that is offered is tightly controlled and adheres to a strict security standard. This is evident in the security
More informationOpsview in the Cloud. Monitoring with Amazon Web Services. Opsview Technical Overview
Opsview in the Cloud Monitoring with Amazon Web Services Opsview Technical Overview Page 2 Opsview In The Cloud: Monitoring with Amazon Web Services Contents Opsview in The Cloud... 3 Considerations...
More informationCloud Portal Office Security Whitepaper. October 2013
Cloud Portal Office Security Whitepaper October 2013 Table of Contents Introduction... 2 Accessing Cloud Portal Office... 2 Account Authentication and Authorization... 2 Strong Password Policies... 3 Single
More information2013 AWS Worldwide Public Sector Summit Washington, D.C.
Washington, D.C. Next Generation Privileged Identity Management Control and Audit Privileged Access Across Hybrid Cloud Environments Ken Ammon, Chief Strategy Officer Who We Are Security software company
More informationEnsuring Enterprise Data Security with Secure Mobile File Sharing.
A c c e l l i o n S e c u r i t y O v e r v i e w Ensuring Enterprise Data Security with Secure Mobile File Sharing. Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite
More informationCloudPassage Halo Technical Overview
TECHNICAL BRIEF CloudPassage Halo Technical Overview The Halo cloud security platform was purpose-built to provide your organization with the critical protection, visibility and control needed to assure
More informationAmazon Web Services. 2015 Annual ALGIM Conference. Tim Dacombe-Bird Regional Sales Manager Amazon Web Services New Zealand
Amazon Web Services 2015 Annual ALGIM Conference Tim Dacombe-Bird Regional Sales Manager Amazon Web Services New Zealand 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Agenda Who
More informationChapter 9 PUBLIC CLOUD LABORATORY. Sucha Smanchat, PhD. Faculty of Information Technology. King Mongkut s University of Technology North Bangkok
CLOUD COMPUTING PRACTICE 82 Chapter 9 PUBLIC CLOUD LABORATORY Hand on laboratory based on AWS Sucha Smanchat, PhD Faculty of Information Technology King Mongkut s University of Technology North Bangkok
More informationWeb Application Hosting in the AWS Cloud Best Practices
Web Application Hosting in the AWS Cloud Best Practices September 2012 Matt Tavis, Philip Fitzsimons Page 1 of 14 Abstract Highly available and scalable web hosting can be a complex and expensive proposition.
More informationDid you know your security solution can help with PCI compliance too?
Did you know your security solution can help with PCI compliance too? High-profile data losses have led to increasingly complex and evolving regulations. Any organization or retailer that accepts payment
More informationAmazon Web Services: Risk and Compliance January 2013
Amazon Web Services: Risk and Compliance January 2013 (Please consult http://aws.amazon.com/security for the latest version of this paper) Page 1 of 59 This document intends to provide information to assist
More informationTHE BLUENOSE SECURITY FRAMEWORK
THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program
More informationAmazon Web Services: Risk and Compliance July 2012
Amazon Web Services: Risk and Compliance July 2012 (Please consult http://aws.amazon.com/security for the latest version of this paper) 1 This document intends to provide information to assist AWS customers
More informationAccellion Security FAQ
A N A C C E L L I O N W H I T E P A P E R Accellion Security FAQ Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite 200 www.accellion.com Palo Alto, CA 94303 info@accellion.com
More informationAgenda. - Introduction to Amazon s Cloud - How ArcGIS users adopt Amazon s Cloud - Why ArcGIS users adopt Amazon s Cloud - Examples
Amazon Web Services Agenda - Introduction to Amazon s Cloud - How ArcGIS users adopt Amazon s Cloud - Why ArcGIS users adopt Amazon s Cloud - Examples How did Amazon Get into Cloud Computing? On-Premise
More informationServers. Servers. NAT Public Subnet: 172.30.128.0/20. Internet Gateway. VPC Gateway VPC: 172.30.0.0/16
.0 Why Use the Cloud? REFERENCE MODEL Cloud Development April 0 Traditionally, deployments require applications to be bound to a particular infrastructure. This results in low utilization, diminished efficiency,
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
More informationCloudPassage Halo Technical Overview
TECHNICAL BRIEF CloudPassage Halo Technical Overview The Halo cloud security platform was purpose-built to provide your organization with the critical protection, visibility and control needed to assure
More informationSecurity Controls for the Autodesk 360 Managed Services
Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices
More informationFMCS SECURE HOSTING GUIDE
FMCS SECURE HOSTING GUIDE October 2015 SHG-MNL-v3.0 CONTENTS INTRODUCTION...4 HOSTING SERVICES...4 Corporate Secure Hosting... 4 Hosting Partner... 4 Hosting Location... 4 Physical Security... 4 Risk and
More informationA Comparison of Clouds: Amazon Web Services, Windows Azure, Google Cloud Platform, VMWare and Others (Fall 2012)
1. Computation Amazon Web Services Amazon Elastic Compute Cloud (Amazon EC2) provides basic computation service in AWS. It presents a virtual computing environment and enables resizable compute capacity.
More informationEvery Silver Lining Has a Vault in the Cloud
Irvin Hayes Jr. Autodesk, Inc. PL6015-P Don t worry about acquiring hardware and additional personnel in order to manage your Vault software installation. Learn how to spin up a hosted server instance
More informationSecuring the Microsoft Platform on Amazon Web Services
Securing the Microsoft Platform on Amazon Web Services Tom Stickle August 2012 (Please consult http://aws.amazon.com/whitepapers/ for the latest version of this paper) Page 1 of 22 Abstract Deploying Microsoft
More informationWeb Application Hosting in the AWS Cloud Best Practices
Web Application Hosting in the AWS Cloud Best Practices May 2010 Matt Tavis Page 1 of 12 Abstract Highly-available and scalable web hosting can be a complex and expensive proposition. Traditional scalable
More informationGetting Started with Clearlogin A Guide for Administrators V1.01
Getting Started with Clearlogin A Guide for Administrators V1.01 Clearlogin makes secure access to the cloud easy for users, administrators, and developers. The following guide explains the functionality
More informationBest Practices for Siebel on AWS
Best Practices for Siebel on AWS Contributors The following individuals and organizations contributed to this document Ashok Sundaram, Solutions Architect, Amazon Web Services Milind Waikul, CEO, Enterprise
More information