Security managers july 2015 (1)

Arthur Schmunk

Director of CloudZone

[email protected]

+972 54 6668291

AWS is our Business! Whats yours?

ענןמהו ?

Matrix IT work Copyright 2014. Do not remove source or Attribution from any graphic or portion of graphic

CloudZone, Matrix’s cloud unit, is a leading AWS solution provider in region. With over 5 years of experience with AWS, CloudZone provides its customers with a complete service package that includes consulting, professional services and managed services.

As an Premier Consulting Partner , Worldwide Channel Reseller, Authorised Government Reseller and Managed Service Provider of Amazon Web Services, we ensure that our customers adopt the most advanced technologies and best practices.


We Are Here to Help

Account Managers Solution Architects Tools Professional Services


The cloud is the new normalAndy Jassy, senior vice president of Amazon Web Services


Gartner Magic Quadrant for Cloud IaaS

Gartner “Magic Quadrant for Cloud Infrastructure as a Service,” Lydia Leong, Douglas Toombs, Bob Gill, Gregor Petri, Tiny Haynes, May 28, 2014. This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available at http://aws.amazon.com/resources/analyst-reports/. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.


http://aws.amazon.com/resources/analyst-reports/

More than 1 million active customers


Trusted by Enterprises Around the World


8


AWS Global Infrastructure

Application Services

Networking

Deployment & Administration

DatabaseStorageCompute

Breadth & Depth of Functionality


AWS Rapid Pace of Innovation

2009

Amazon RDS

Amazon VPC

Auto Scaling

Elastic Load

Balancing

+48

2010

Amazon SNS

AWS Identity

& Access

Management

Amazon Route 53

+61

2011

Amazon

ElastiCache

Amazon SES

AWS

CloudFormation

AWS Direct

Connect

AWS Elastic

Beanstalk

GovCloud

+82

Amazon

CloudTrail

Amazon

CloudHSM

Amazon

WorkSpaces

Amazon Kinesis

Amazon Elastic

Transcoder

Amazon

AppStream

AWS OpsWorks

+280

2013

Amazon SWF

Amazon Redshift

Amazon Glacier

Amazon

Dynamo DB

Amazon

CloudSearch

AWS Storage

Gateway

AWS Data

Pipeline

+159

2012

Since inception AWS has:

• Released 1111 new services and features

• Introduced more than 40 major new services

• Announced 45 price reductions

2008

+24Amazon EBS

Amazon

CloudFront

+500

2014

Amazon Cognito

Amazon Zocalo

Amazon Mobile

Analytics

AWS Directory

Service

Amazon RDS for Aurora

AWS CodeDeploy

AWS Lambda

AWS Config

AWS Key Management

Service

AWS Service Catalog

Amazon EC2

Container Service

AWS CodePipeline

AWS CodeCommit


Amazon

ElasticCache

reduces prices for

cache nodes by an

average of 34%

March 26, 2014

34%Amazon S3 reduces

prices for Standard and

Reduced Redundancy

Storage, by an average

of 51%

March 26, 2014

51%

We’ve announced price reductions 47* times since our

inception in 2006. Recent price drops included…

Amazon Route 53

lowers prices for both

Standard Queries and

Latency Based Routing

Queries by 20%

July 31, 2014

20%

*as of Nov 10, 2014


11 Regions

28 Availability Zones

54 Edge Locations



Reserved

Make a low, one-time

payment and receive a

significant discount on

the hourly charge

For committed

utilization

Free Tier

Get Started on AWS

with free usage & no

commitment

For POCs and

getting started

On-Demand

Pay for compute

capacity by the hour

with no long-term

commitments

For spiky workloads,

or to define needs

Spot

Bid for unused

capacity, charged at a

Spot Price which

fluctuates based on

supply and demand

For time-insensitive or

transient workloads

Dedicated

Launch instances within

Amazon VPC that run

on hardware dedicated

to a single customer

For highly sensitive or

compliance related

workloads

Many pricing models to support different workloads


Increased agility has become

the #1 reason organizations use

the AWS cloud


Organizations Can’t Afford to Be Slow

Add New Dev Environment

Add New Prod Environment

Add New Environment in Japan

Add 1,000 Servers

Remove 1,000 Servers

Deploy 1 PB Data Warehouse

Shut down 1 PB Data Warehouse

AWS:

Infrastructure in minutesOld World:

Infrastructure in weeks

Everything changes with this kind of agility


A Culture of Innovation: Experiment Often & Fail without Risk

On-Premises

Experiment infrequently

Failure is expensive

Less innovation

Experiment often

Fail quickly at a low cost

More innovation

$ Millions

Nearly $0


Cloud Is Always About Money?


72% savings

*According to the IDC in 2012


SECURITY IS SHARED


WHAT NEEDS

TO BE DONE

TO KEEP THE

SYSTEM SAFE


WHAT

WE DO

FOR YOU

WHAT YOU DO

YOURSELF


EVERY CUSTOMER HAS ACCESS

TO THE SAME SECURITY

CAPABILITIES

CHOOSE WHAT’S RIGHT FOR YOUR ENTERPRISE


“Based on our experience, I believe that we can be even more secure in the AWS cloud than in our own data centers”

Tom Soderstrom – CTO NASA JPL


IDC Survey

Attitudes and Perceptions Around Security and Cloud Services

Nearly 60% of organizations agreed that CSPs [Cloud Service Providers] provide better security than their own IT organization

Source: IDC 2013 U.S. Cloud Security Survey

Doc #242836, September 2013


AWS SECURITY OFFERS MORE

VISIBILITYAUDITABILITY

CONTROL


MORE VISIBILITY


CAN YOU MAP YOUR NETWORK?

WHAT IS IN YOUR ENVIRONMENT

RIGHT NOW?




TRUSTED ADVISOR



MORE AUDITABILITY



LOGSOBTAINED, RETAINED, ANALYZED


You are making

API calls...On a growing set

of services around

the world…

CloudTrail is

continuously

recording API

calls…

And delivering

log files to you

AWS CLOUDTRAIL



AWS Security Delivers More Control & GranularityCustomize the implementation based on your business needs

AWS

CloudHSM

Defense in depth

Rapid scale for security

Automated checks with AWS Trusted Advisor

Fine grained access controls

Server side encryption

Multi-factor authentication

Dedicated instances

Direct connection, Storage Gateway

HSM-based key storage

AWS IAM

Amazon VPC

AWS Direct

Connect

AWS Storage

Gateway


AWS IAMIDENTITY & ACCESS MANAGEMENT


CONTROL WHO CAN DO WHAT

WITH YOUR AWS ACCOUNT



MFA DELETE PROTECTION



YOUR DATA STAYSWHERE YOU PUT IT


USE MULTIPLE AZs

AMAZON S3

AMAZON DYNAMODB

AMAZON RDS MULTI-AZ

AMAZON EBS SNAPSHOTS


ENCRYPT YOUR DATAAWS CLOUDHSM

AWS Key Management Service

AMAZON EBS

AMAZON S3 SSE

AMAZON GLACIER

AMAZON REDSHIFT

AMAZON RDS


DATA ENCRYPTION

CHOOSE WHAT’S RIGHT FOR YOU:

Automated – AWS manages encryption

(e.g. S3 SSE)

Enabled – user manages encryption using AWS

(e.g. AWS CloudHSM, AWS KMS)

Client-side – user manages encryption using their own means


AWS CloudHSM

Managed and monitored by AWS, but you control the keys

Increase performance for applications that use HSMs for key storage or encryption

Comply with stringent regulatory and contractual requirements for key protection

EC2 Instance

AWS CloudHSM

AWS CloudHSM



Thank You!

יקיריהםושלשלהםבתמונותששיתפומטריקסלעובדימיוחדתתודה

Arthur Schmunk

[email protected]


mailto:[email protected]

Date post:	12-Aug-2015
Category:	Technology
Upload:	cloudzone
View:	56 times
Download:	5 times

Security managers july 2015 (1)

Technology