Compliance and Security in a Cloud-First Era
|
|
- Calvin Ramsey
- 6 years ago
- Views:
Transcription
1 Compliance and Security in a Cloud-First Era
2
3
4
5
6 Regions: Dublin (EU-West) 3 x Availability Zones Launched in 2007 Frankfurt (EU-Central) 2 x Availability Zones Launched 2014 Edge Locations: Amsterdam, The Netherlands (2), Dublin, Ireland, Frankfurt, Germany (3), London, England (3), Madrid, Spain, Marseille, France, Milan, Italy, Paris, France (2), Stockholm, Sweden, and Warsaw, Poland Direct Connect POPs: Dublin, London, Frankfurt
7
8
9 Customers shared responsibility Customer applications & content Platform, Applications, Identity & Access Management Operating System, Network & Firewall Configuration Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Customers are responsible for their security IN the Cloud AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Availability Zones Regions Edge Locations AWS is responsible for the security OF the Cloud
10 Customers Customer content Platform & Applications Management Operating System, Network & Firewall Configuration Client-Side Data encryption & Data Integrity Authentication Server-Side Encryption Fire System and/or Data Network Traffic Protection Encryption / Integrity / Identity Customer IAM Managed by AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Optional Opaque data: 1 s and 0 s (in transit/at rest) Availability Zones Regions Edge Locations AWS IAM Managed by
11 Customers Client-Side Data encryption & Data Integrity Authentication Customer content Network Traffic Protection Encryption / Integrity / Identity Optional Opaque data: 1 s and 0 s (in transit/at rest) Platform & Applications Management Operating System, Network Configuration Firewall Configuration Customer IAM Managed by Managed by AWS Foundation Services Compute Storage Database Networking AWS IAM AWS Global Infrastructure Availability Zones Regions Edge Locations
12 Customers Managed by Optional Opaque Data: 1 s and 0 s (in flight / at rest) AWS Foundation Services Customer content Client-Side Data Encryption & Data Integrity Authentication Server Side Encryption by the Platform Protection of Data at Rest Network Traffic Protection by the Platform Protection of Data at in Transit Platform & Applications Management Operating System, Network & Firewall Configuration Compute Storage Database Networking AWS IAM Managed by AWS Global Infrastructure Availability Zones Regions Edge Locations
13
14 Security cannot be a blocker of innovative business
15
16
17 We ll also see organizations adopt cloud services for the improved security protections and compliance controls that they otherwise could not provide as efficiently or effectively themselves. - Security s Cloud Revolution Is Upon Us, Forrester Research, Inc., August 2, 2013
18 Singapore MTCS
19
20
21
22
23
24
25
26
27 Customers Your own accreditation Your own certifications Your own external audits Customer scope and effort is reduced Better results through focused efforts AWS Foundation Services Compute Storage Database Networking Built on AWS consistent baseline controls AWS Global Infrastructure Availability Zones Regions Edge Locations
28 TÜV TRUST IT GmbH Unternehmensgruppe TÜV AUSTRIA
29 Defining the information domain Structure analysis Modeling the domain Based on the whitepaper IT Grundschutz compliance on Amazon Web Services. TÜV TRUST IT GmbH Unternehmensgruppe TÜV AUSTRIA Page 30
30 Source: BSI-Standard 100-1, Information Security Management Systems (ISMS), Version 1.5, p. 10 TÜV TRUST IT GmbH Unternehmensgruppe TÜV AUSTRIA Page 31
31 Information domain: infrastructure, organization, staff and technical objects that are used for information processing. Organization Infrastructure IT systems Applications Employees Information domain can include: entire institutions or single areas or focus on e.g. certain applications. Information domain is essentially the scope of an ISMS and the related certification. Noteworthy: IT Grundschutz is certified on the basis of ISO 27001; therefore, IT Grundschutz is fully compatible with ISO and TÜV TRUST IT GmbH Unternehmensgruppe TÜV AUSTRIA Page 32
32 Detailed description of any part of the information domain. Generally based on a network plan. When using external providers ( outsourcing ), interfaces must be included in the documentation. Result: a list of components that are relevant for the IT Grundschutz methodology. In an AWS context, the components are located both at the customer and at AWS. TÜV TRUST IT GmbH Unternehmensgruppe TÜV AUSTRIA Page 33
33 Security IN the cloud Responsibility of the customer As customers retain control of what security they choose to implement to protect their own: content, platform, applications, systems and networks, no differently than they would for applications in an on-site datacenter Security OF the cloud Security of the cloud refers to how AWS manages the security of the cloud s underlying infrastructure. AWS operates, manages and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the AWS services operate Conclusion - IT Grundschutz modules to be addressed by the customer (security in the cloud) Modules to be delivered by AWS (security of the cloud). TÜV TRUST IT GmbH Unternehmensgruppe TÜV AUSTRIA Page 34
34 Replicating the information domain using the modules and related instructions found in the IT Grundschutz catalogues. Modules are used for structuring the recommendations of the IT- Grundschutz catalogues into: technical components or organizational measures, with respective security measures. Based on protection requirements of the components. Examples for modules that need to be addressed by the customer: M 1.11 Outsourcing M 1.12 Archiving TÜV TRUST IT GmbH Unternehmensgruppe TÜV AUSTRIA Page 35
35 The customer does not have to implement the respective modules if a task has been completely transferred to AWS. Some modules need to be addressed by both sides. Examples for modules that need to be addressed by AWS: M 2.1 General building M 2.2 Electric cabling M 2.9 Data centers M 2.12 IT-cabling The Whitepaper IT Grundschutz compliance on Amazon Web Services contains more details on modules. TÜV TRUST IT GmbH Unternehmensgruppe TÜV AUSTRIA Page 36
36 Contents of the whitepaper: Abstract Section 1 Customer View Description of the IT-Grundschutz catalogues to be modeled Modules to be addressed by the customer Implementing catalogue M 1.11 Outsourcing Modules to be delivered by AWS Section 2 AWS View Description of what needs to be provided by the customer Covering requirements with existing AWS certifications or measures AWS Alignment to BSI IT-Grundschutz TÜV TRUST IT GmbH Unternehmensgruppe TÜV AUSTRIA Page 37
37
38
39
40 Company: UK-based global communications platform for call centers to capture communications data Challenge: must comply with PCI DSS so their customers can process payment card data on the platform Results: PCI certified on AWS; also SOC 1 Type 2 audited, ISO certified
41 Company: France-based insurance and healthcare coverage company, responsible for secure use and storage of confidential customer information Challenge: move critical IT to AWS and comply with the Solvency II Directive (EU insurance regulation) Results: Moved to AWS, realized cloud benefits (financial, security, scalability, availability, resiliency) and remain fully compliant with Solvency II and other compliance requirements. They are moving their other environments onto AWS.
42
43
44
45
46 awscompliance
AWS Data Security Security Update
AWS Data Security Security Update December 1 st 2015 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Data Security Agenda 1:00 pm AWS Security Overview + What s New 2:00 pm Network
More informationGetting started with AWS security
Getting started with AWS security Take a prescriptive approach Stephen Quigg Principal Security Solutions Architect 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Why is enterprise
More informationIntroduction to AWS GoldBase
Introduction to AWS GoldBase A Solution to Automate Security, Compliance, and Governance in AWS October 2015 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document
More informationAWS Webinar. Navigating GDPR Compliance on AWS. Christian Hesse Amazon Web Services
AWS Webinar Navigating GDPR Compliance on AWS Christian Hesse Amazon Web Services What is the GDPR? What is the GDPR? The "GDPR" is the General Data Protection Regulation, a significant new EU Data Protection
More informationAWS SECURITY AND COMPLIANCE QUICK REFERENCE GUIDE
AWS SECURITY AND COMPLIANCE QUICK REFERENCE GUIDE 2018 1 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents
More informationSecurity & Compliance in the AWS Cloud. Amazon Web Services
Security & Compliance in the AWS Cloud Amazon Web Services Our Culture Simple Security Controls Job Zero AWS Pace of Innovation AWS has been continually expanding its services to support virtually any
More informationSecurity & Compliance in the AWS Cloud. Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web
Security & Compliance in the AWS Cloud Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web Services @awscloud www.cloudsec.com #CLOUDSEC Security & Compliance in the AWS Cloud TECHNICAL & BUSINESS
More informationMid-Atlantic CIO Forum
Mid-Atlantic CIO Forum Agenda Security of the Cloud Security In the Cloud Your Product and Services Roadmap (innovation) AWS and Cloud Services Growth and Expansion at AWS Questions & Discussion Shared
More informationData Protection in the AWS Cloud: Implementing GDPR and Overview of C5
Data Protection in the AWS Cloud: Implementing GDPR and Overview of C5 Gerald Boyne, Christian Hesse Security Assurance Germany 25.11.2017 2017, Amazon Web Services, Inc. or its Affiliates. All rights
More informationAwareness Technologies Systems Security. PHONE: (888)
Awareness Technologies Systems Security Physical Facility Specifications At Awareness Technologies, the security of our customers data is paramount. The following information from our provider Amazon Web
More informationLayer Security White Paper
Layer Security White Paper Content PEOPLE SECURITY PRODUCT SECURITY CLOUD & NETWORK INFRASTRUCTURE SECURITY RISK MANAGEMENT PHYSICAL SECURITY BUSINESS CONTINUITY & DISASTER RECOVERY VENDOR SECURITY SECURITY
More informationSECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry
SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below
More informationSecure Esri Solutions in the AWS Cloud. CJ Moses, AWS Deputy CISO
Secure Esri Solutions in the AWS Cloud CJ Moses, AWS Deputy CISO Security in the cloud is a shared responsibility between AWS and the customer AWS Facilities Physical Security Physical Infrastructure Network
More informationThe Cloud Changes Nothing and Everything! Amazon.com, Inc. and its affiliates. All rights reserved.
The Cloud Changes Nothing and Everything! Amazon.com, Inc. and its affiliates. All rights reserved. About How Amazon did Amazon Web Services Deep experience in building and operating global web scale systems?
More informationCrises Control Cloud Security Principles. Transputec provides ICT Services and Solutions to leading organisations around the globe.
Crises Control Cloud Security Principles Transputec provides ICT Services and Solutions to leading organisations around the globe. As a provider of these services for over 30 years, we have the credibility
More informationCertificate Certificate number:
Certificate Certificate number: 2017-009 Based on certification examination in conformity with defined requirements in ISO/IEC 17021:2015 and ISO/IEC 27006:2015, the Information Security Management System
More informationTwilio cloud communications SECURITY
WHITEPAPER Twilio cloud communications SECURITY From the world s largest public companies to early-stage startups, people rely on Twilio s cloud communications platform to exchange millions of calls and
More informationCertificate. Certificate number: Certified by EY CertifyPoint since: February 28, 2017
Certificate Certificate number: 2017-009 Certified by EY CertifyPoint since: February 28, 2017 Based on certification examination in conformity with defined requirements in ISO/IEC 17021-1:2015 and ISO/IEC
More informationInformation Security at Veritext Protecting Your Data
Information Security at Veritext Protecting Your Data The Veritext Security Model Introduction Information security and privacy are built into the fabric of everything we do at Veritext. Helping to protect
More informationCertificate. Certificate number: Certified by EY CertifyPoint since: November 20, 2015
Certificate Certificate number: 2015-020 Certified by EY CertifyPoint since: November 20, 2015 Based on certification examination in conformity with defined requirements in ISO/IEC 17021-1:2015 and ISO/IEC
More informationGEANT Cloud Framework Agreement
TIM Overview Employees 65,867 Customers (Mln) 126 Revenues (Bn ) 19,718 Data as of December 2015 2 TIM Overview TIM is the leading Italian Telecommunications and ICT provider. In the areas of: fixed and
More informationzsah Cloud Offering Security FAQ In partnership with Clearswift
zsah Cloud Offering Security FAQ In partnership with Clearswift zsah s Cloud Offering Overview zsah Main office and Data Centres Our main office is located in central London with support staff available
More informationAWS SECURITY AND COMPLIANCE QUICK REFERENCE GUIDE
AWS SECURITY AND COMPLIANCE QUICK REFERENCE GUIDE Education Edition 2018 1 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes
More informationCloud Transformation and Significance of Security
Cloud Transformation and Significance of Security Mohit Sharma, Chief Architect & Cloud Evangelist @onlinesince2009 www.cloudsec.com Datacenter Management Change Management Policy Physical Network Management
More informationGetting started with AWS security
Getting started with AWS security Take a prescriptive approach Stella Lee Manager, Enterprise Business Development $ 2 0 B + R E V E N U E R U N R A T E (Annualized from Q4 2017) 4 5 % Y / Y G R O W T
More informationControlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:
Page 1 of 6 I. Common Principles and Approaches to Privacy A. A Modern History of Privacy a. Descriptions, definitions and classes b. Historical and social origins B. Types of Information a. Personal information
More information10 Considerations for a Cloud Procurement. March 2017
10 Considerations for a Cloud Procurement March 2017 2017, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents
More informationGlobal Deployment of SD-WAN. Mike Howell October 2017
Global Deployment of SD-WAN Mike Howell October 2017 Rentokil Initial Rentokil Initial is a member of the FTSE100 and is an international pest control and hygiene services company. 35,000+ employees 1800
More informationDimension Data IaaS Services. Gary Ramsay
Dimension Data IaaS Services Gary Ramsay 29.08.2017 In a world first, Dimension Data provided real-time data analytics on each of the 198 riders in this year s Tour de France. accelerate your ambition
More informationBy 2020, a corporate no-cloud policy will be as rare as a no-internet policy is today. 1
By 2020, a corporate no-cloud policy will be as rare as a no-internet policy is today. 1 The question is no longer: How do I move to the cloud? Instead, it s Now that I m in the cloud, how do I make sure
More informationWhitepaper on EU Data Protection October 2014
Whitepaper on EU Data Protection October 2014 (Please see http://aws.amazon.com/compliance/aws-whitepapers/ for the latest version of this paper, and http://aws.amazon.com/de/data-protection/ for the German
More informationGetting Started with AWS Security
Getting Started with AWS Security Tomas Clemente Sanchez Senior Consultant Security, Risk and Compliance September 21st 2017 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Move
More informationDeploying to the Cloud: A Case study on the Development of EHNAC s Cloud Enabled Accreditation Program (CEAP)
Deploying to the Cloud: A Case study on the Development of EHNAC s Cloud Enabled Accreditation Program (CEAP) May 16, 2016 Speakers Ron Moser, Managing Director, Moserhaus Consulting, LLC and Sr. Consultant,
More informationINTO THE CLOUD WHAT YOU NEED TO KNOW ABOUT ADOPTION AND ENSURING COMPLIANCE
INTO THE CLOUD WHAT YOU NEED TO KNOW ABOUT ADOPTION AND ENSURING COMPLIANCE INTRODUCTION AGENDA 01. Overview of Cloud Services 02. Cloud Computing Compliance Framework 03. Cloud Adoption and Enhancing
More informationAccelerating the HCLS Industry Through Cloud Computing
Accelerating the HCLS Industry Through Cloud Computing Use cloud computing to accelerate life sciences and healthcare specific workloads, and meet the unique computation, storage, security, and compliance
More informationMicrosoft Azure Security, Privacy, & Compliance
Security, Privacy, & Compliance Andreas Grigull Geschäftsentwicklung Assekuranz Installation von 2000 Servern in 3 Stunden Technology trends: driving cloud adoption BENEFITS Speed Scale Economics Cloud
More informationKimberly Nelson Executive Director Government Solutions US SLG. March 2017
Kimberly Nelson Executive Director Government Solutions US SLG March 2017 We will always be partner led. Satya Nadella Fourth industrial revolution Gartner s Digital Maturity Model for Government
More informationThis presentation is intended to provide an overview of GDPR and is not a definitive statement of the law.
Privacy, Trust, and the General Data Protection Regulation (GDPR) Robertas Tamosaitis Microsoft Business Solution Sales Specialist E-mail: rtamosa@microsoft.com This presentation is intended to provide
More informationTitle: Planning AWS Platform Security Assessment?
Title: Planning AWS Platform Security Assessment? Name: Rajib Das IOU: Cyber Security Practices TCS Emp ID: 231462 Introduction Now-a-days most of the customers are working in AWS platform or planning
More informationHosting Your Data. Website Hosting, Security, Data Protection & Information Governance (IG)
Hosting Your Data Website Hosting, Security, Data Protection & Information Governance (IG) LHM is a web solutions provider that creates technology, products and software that is meaningful and measurable.
More informationISO/IEC ISO/IEC White Paper
White Paper 2 Contents Foreword from Richard Pharro, CEO, APMG 3 Introduction 4 Overview 5 Benefits 8 Conclusion 10 Further information 10 3 Foreword by Richard Pharro, CEO, APMG The close relationship
More informationASD CERTIFICATION REPORT
ASD CERTIFICATION REPORT Amazon Web Services Elastic Compute Cloud (EC2), Virtual Private Cloud (VPC), Elastic Block Store (EBS) and Simple Storage Service (S3) Certification Decision ASD certifies Amazon
More informationMagento GDPR Frequently Asked Questions
Magento GDPR Frequently Asked Questions Whom does GDPR impact? Does this only impact European Union (EU) based companies? The new regulation provides rules that govern how companies may collect and handle
More informationA Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud
A Checklist for Compliance in the Cloud 1 A Checklist for Compliance in the Cloud A Checklist for Compliance in the Cloud 1 With the industrialization of hacking and the enormous impact of security breaches,
More informationMapping traditional security technologies to AWS Dave Walker Specialised Solutions Architect Security and Compliance Amazon Web Services UK Ltd
Berlin Mapping traditional security technologies to AWS Dave Walker Specialised Solutions Architect Security and Compliance Amazon Web Services UK Ltd AWS Compliance Display Cabinet Certificates: Programmes:
More informationAUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE
AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE Table of Contents Dedicated Geo-Redundant Data Center Infrastructure 02 SSAE 16 / SAS 70 and SOC2 Audits 03 Logical Access Security 03 Dedicated
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationEO Ground Segment Evolution Reflections by
EO Ground Segment Evolution Reflections by Interoute Jonathan Brown Marketing Director Workshop 2015, 24 th September 2015 ESA/ESRIN Frascati Interoute, from the ground to the cloud 1. Interoute is the
More informationA compliance journey to the cloud how to build a medical cloud platform regulatory- and ISO27000-compliant. Carl Zeiss Meditec AG Thorsten Bischoff
A compliance journey to the cloud how to build a medical cloud platform regulatory- and ISO27000-compliant Carl Zeiss Meditec AG Thorsten Bischoff Carl Zeiss Meditec Company Snapshot Headquarters in Jena,
More informationCertificate of Approval
Certificate of Approval This is to certify that the Management System of: Interoute London DC2, London Citi, 3rd Floor, 25 Canada Square, Canary Wharf, London, E14 5LQ, United Kingdom has been approved
More informationBSI C5 Status Quo. Dr. Clemens Doubrava, BSI,
BSI C5 Status Quo Dr. Clemens Doubrava, BSI, 11.12.2017 Expectations Cloud Service Provider Customers, more customers, An Everything-is-secure -Certification Preferably including data protection (GDPR)
More informationBetter, Faster, Stronger web apps with Amazon Web Services. Senior Technology Evangelist, Amazon Web Services
Better, Faster, Stronger web apps with Amazon Web Services Simone Brunozzi ( @simon ) Senior Technology Evangelist, Amazon Web Services (from the previous presentation) Knowledge starts from great questions.
More informationAmazon Web Services. Foundational Services for Research Computing. April Mike Kuentz, WWPS Solutions Architect
Amazon Web Services Foundational Services for Research Computing Mike Kuentz, WWPS Solutions Architect April 2017 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Global Infrastructure
More informationPaperspace. Security Primer & Architecture Overview. Business Whitepaper. 20 Jay St. Suite 312 Brooklyn, NY 11201
Paperspace Security Primer & Architecture Overview Copyright 2017 Paperspace, Co. All Rights Reserved - 1 - Business Whitepaper Paperspace www.paperspace.com Paperspace Virtual Desktops: A foundation for
More informationKantanMT.com. Security & Infra-Structure Overview
KantanMT.com Security & Infra-Structure Overview Contents KantanMT Platform Security... 2 Customer Data Protection... 2 Application Security... 2 Physical and Environmental Security... 3 ecommerce Transactions...
More informationCompliant. Secure. Dependable.
NAVIFY Cloud Security with the NAVIFY Tumor Board solution Compliant. Secure. Dependable. Trust that your oncology patients healthcare information stays protected. In the era of precision medicine, you
More informationSecurity Architecture Models for the Cloud
White Paper Security Architecture Models for the Cloud Introduction While Hardware Security Module (HSM) customers traditionally have their own infrastructures and data centers and run HSMs on premises,
More informationAWS Security. Stephen E. Schmidt, Directeur de la Sécurité
AWS Security Stephen E. Schmidt, Directeur de la Sécurité 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express
More informationAutomate sharing. Empower users. Retain control. Utilizes our purposebuilt cloud, not public shared clouds
EXECUTIVE BRIEF SHAREBASE BY HYLAND Automate sharing. Empower users. Retain control. With ShareBase by Hyland, empower users with enterprise file sync and share (EFSS) technology and retain control over
More informationabout us bandwidth changes everything
about us bandwidth changes everything bandwidth changes everything We are a facilities based bandwidth infrastructure provider, delivering scalable, fibre based network solutions to our customers across
More informationThe Added Value of IBM for your Business Continuity Management Program. Paul Heinz GTS BCRS Business Manager. IBM Global Services
IBM Global Services The Added Value of IBM for your Business Continuity Management Program Paul Heinz GTS BCRS Business Manager IBM Global Services IBM takes a comprehensive approach to the issues that
More informationSecurity: Michael South Americas Regional Leader, Public Sector Security & Compliance Business Acceleration
Security: A Driving Force Behind Moving to the Cloud Michael South Americas Regional Leader, Public Sector Security & Compliance Business Acceleration 2017, Amazon Web Services, Inc. or its affiliates.
More informationAvanade Zerouno : Cloud Experience. Version 1.0 May 16, 2017 Author(s): Ivan Loreti
Avanade Zerouno : Cloud Experience Version 1.0 May 16, 2017 Author(s): Ivan Loreti Cloud s opportunities range beyond IT The Intelligent Business Cloud enables the digital business Smartly connects infrastructure,
More informationCustom hosting solutions orchastrated for your needs.
Custom hosting solutions orchastrated for your needs. Cloud Hosting IaaS Colocation DRaaS & Backup Hosting AWS Monitoring PaaS/CaaS (for Developers) Why Customers Choose Us Whether you re just starting
More informationAWS Storage Gateway. Amazon S3. Amazon EFS. Amazon Glacier. Amazon EBS. Amazon EC2 Instance. storage. File Block Object. Hybrid integrated.
AWS Storage Amazon EFS Amazon EBS Amazon EC2 Instance storage Amazon S3 Amazon Glacier AWS Storage Gateway File Block Object Hybrid integrated storage Amazon S3 Amazon Glacier Amazon EBS Amazon EFS Durable
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationSecurity Aspekts on Services for Serverless Architectures. Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security Aspekts on Services for Serverless Architectures Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Security in General Services in Scope Aspects of Services for
More informationCTS performs nightly backups of the Church360 production databases and retains these backups for one month.
Church360 is a cloud-based application software suite from Concordia Technology Solutions (CTS) that is used by churches of all sizes to manage their membership data, website, and financial information.
More informationhybrid cloud for science Kickoff Phase 3 Pilot FeBRUARY, 6 th / 7 th 2018 Team T-Systems/Huawei/Cyfronet/Divia
hybrid cloud for science Kickoff Phase 3 Pilot FeBRUARY, 6 th / 7 th 2018 Team T-Systems/Huawei/Cyfronet/Divia Helix Nebula Science CLOUD Vision T-Systems Helix nebula will be the leading european hybrid
More informationThe Nasuni Security Model
White Paper Nasuni enterprise file services ensures unstructured data security and privacy, enabling IT organizations to safely leverage cloud storage while meeting stringent governance and compliance
More informationSecurity on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Overview AWS Regions Availability Zones Shared Responsibility Security Features Best Practices
More informationLOGmanager and PCI Data Security Standard v3.2 compliance
LOGmanager and PCI Data Security Standard v3.2 compliance Whitepaper how deploying LOGmanager helps to maintain PCI DSS regulation requirements Many organizations struggle to understand what and where
More informationContinuous Innovation DevOps and agile Deployment with AWS. Mickael Zewde
x Continuous Innovation DevOps and agile Deployment with AWS Mickael Zewde Claranet About us Claranet, one of the leading Managed Service Providers for integrated hosting and network solutions in Europe:
More informationThe Common Controls Framework BY ADOBE
The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.
More informationOptiSol FinTech Platforms
OptiSol FinTech Platforms Payment Solutions Cloud enabled Web & Mobile Platform for Fund Transfer OPTISOL BUSINESS SOLUTIONS PRIVATE LIMITED #87/4, Arcot Road, Vadapalani, Chennai 600026, Tamil Nadu. India
More informationEU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More informationCisco Cloud Security Privacy Data Sheet
Cisco Cloud Email Security Privacy Data Sheet This Privacy Data Sheet describes the processing of personal data (or personal identifiable information) by Cisco Cloud Email Security. Overview of Cisco Cloud
More informationMorgan Independent Software Vendor Lead
Morgan Webb @morgan_msft Independent Software Vendor Lead Digital transformation Hybrid Cloud Platform Choice Global: Hyper-scale, globally connected cloud services deployed from regional Microsoft datacenters.
More informationCloud Computing Lectures. Cloud Security
Cloud Computing Lectures Cloud Security 1/17/2012 Why security is important for cloud computing? Multi Tenancy, that is same infrastructure, platform, Service is shared among vendors. It is accessed over
More informationISO Implementation
ISO 27000 Implementation Justin David G. Pineda Asia Pacific College Best Practice Implementation Proposal for Plato Airlines September 5, 2015 [1] Table of Contents ISO 27000... 1 Project Overview...
More informationCompliance of Panda Products with General Data Protection Regulation (GDPR) Panda Security
Panda Security Compliance of Panda Products with General Data Protection Regulation (GDPR) 1 Contents 1.1. SCOPE OF THIS DOCUMENT... 3 1.2. GENERAL DATA PROTECTION REGULATION: OBJECTIVES... 3 1.3. STORED
More informationCONSIDERATIONS BEFORE MOVING TO THE CLOUD
CONSIDERATIONS BEFORE MOVING TO THE CLOUD What Management Needs to Know Part I By Debbie C. Sasso Principal When talking technology today, it s very rare that the word Cloud doesn t come up. The benefits
More informationTieto Compliance Cloud For a more secure IT environment
Tieto Compliance Cloud For a more secure IT environment Tieto Compliance Cloud (TiCC) is a platform that helps you comply with regulatory demands, without having to host your own servers or lower your
More informationAT FIRST VIEW C U R R I C U L U M V I T A E. Diplom-Betriebswirt (FH) Peter Konrad. Executive Partner Senior Consultant
Our Contact Details IT-SCAN GMBH c/o: DOCK3 Hafenstrasse 25-27 68159 Mannheim E: info@it-scan.de W: www.it-scan.de Nationalität Berufserfahrung C U R R I C U L U M V I T A E Diplom-Betriebswirt (FH) Peter
More informationCONTINUOUS COMPLIANCE. Your next cloud compliance audit could be your last. With LayerV s Continuous Compliance Service you re covered
CONTINUOUS COMPLIANCE Your next cloud compliance audit could be your last With LayerV s Continuous Compliance Service you re covered CONTINUOUS COMPLIANCE Our Continuous Compliance Service means ultimate
More informationHP Education Services Bulgaria
HP Education Services Bulgaria 7 th October 2009 Maia Hristova 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Agenda HP Training Center
More informationNAVIFY. Cloud Security with the NAVIFY Tumor Board. Compliant. Secure. Dependable.
NAVIFY Cloud Security with the NAVIFY Tumor Board Compliant. Secure. Dependable. Trust that your oncology patients healthcare information stays protected. Security breaches are on the rise HIPAA privacy
More informationLa certificazione ISO27001
13 August 2010 La certificazione ISO27001 Driver di crescita e caso di successo di una PMI italiana LUIGI BRUSAMOLINO CISM, CRISC Managing Director Southern EMEA - BSI NICOLA MASSERONI Responsabile GRC
More informationCogeco Peer 1 PCI DSS Compliance. Overview
Cogeco Peer 1 PCI DSS Compliance Overview Cogeco Peer 1 provides Payment Card Industry Data Security Standards (PCI DSS) compliant Managed Hosting in select datacenters, facilitated by the availability
More informationEstonian Security System Overview
Estonian Security System Overview Topics History and the reasons for choosing IT Grundschutz; ISKE; Auditing/Certification Future challenges; Problems; Conclusions Why we needed IT Security Standard? In
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationCompliance & Security in Azure. April 21, 2018
Compliance & Security in Azure April 21, 2018 Presenter Bio Jeff Gainer, CISSP Senior Information Security & Risk Management Consultant Senior Security Architect Have conducted multiple Third-Party risk
More informationCC withinthe Context of the EU Privacy Seal - EuroPriSe
CC withinthe Context of the EU Privacy Seal - EuroPriSe TÜV Informationstechnik GmbH -TÜViT - Overview 1. Motivation 2. Data Privacy 3. European Privacy Seal EuroPriSe 4. CC and EuroPriSe 5. Conclusion
More informationIntermedia s Private Cloud Exchange
Intermedia s Private Cloud Exchange This is a practical guide to implementing Intermedia s Private Cloud Exchange on AWS. Intermedia, the world s independent provider of Hosted Exchange, and AWS, the leading
More informationClosing Keynote: Addressing Data Privacy and GDPR on Microsoft Data Platform Technologies. Ronit Reger, Senior Program Manager at Microsoft
Closing Keynote: Addressing Data Privacy and GDPR on Microsoft Data Platform Technologies Ronit Reger, Senior Program Manager at Microsoft Session goals 1. Data Privacy and the GDPR - Data privacy as a
More informationSecurity Principles for Stratos. Part no. 667/UE/31701/004
Mobility and Logistics, Traffic Solutions Security Principles for Stratos Part no. THIS DOCUMENT IS ELECTRONICALLY APPROVED AND HELD IN THE SIEMENS DOCUMENT CONTROL TOOL. All PAPER COPIES ARE DEEMED UNCONTROLLED
More informationIT Attestation in the Cloud Era
IT Attestation in the Cloud Era The need for increased assurance over outsourced operations/ controls April 2013 Symeon Kalamatianos M.Sc., CISA, CISM Senior Manager, IT Risk Consulting Contents Introduction
More informationSecurity Overview. Technical Whitepaper. Secure by design. End to end security. N-tier Application Architecture. Data encryption. User authentication
Technical Whitepaper Security Overview As a team, we have a long history of developing and delivering HR software solutions to customers worldwide, including many of the world s most-demanding organisations.
More informationCisco Meraki Privacy and Security Practices. List of Technical and Organizational Measures
Cisco Meraki Privacy and Security Practices List of Technical and Organizational Measures Introduction Meraki takes a systematic approach to data protection, privacy, and security. We believe a robust
More informationTÜV Informationstechnik GmbH
9ICCC IT security starts here: At the building structure and its mission critical infrastructure Joachim Faulhaber & Wolfgang Peter TÜV Informationstechnik GmbH Agenda Scope Risc potentials Physical security
More information