The Cloud Changes Nothing

… and Everything!

©Amazon.com, Inc. and its affiliates. All rights reserved.

Deep experience in building

and operating global web

scale systems

About Amazon Web

Services

?

…get into cloud computing?

How did Amazon…

Consumer Business

Tens of millions of active customer

accounts

Eight countries: US, UK, Germany,

Japan, France, Canada, China, Italy

Seller Business

Sell on Amazon websites

Use Amazon technology for your own retail website

Leverage Amazon’s massive fulfillment

center network

IT Infrastructure Business

Cloud computing infrastructure for hosting web-scale

solutions

Hundreds of thousands of

registered customers in over 190 countries

AWS Mission

Enable businesses and developers to use web services* to build scalable,

sophisticated applications.

*What people now call “the cloud”

Not excess capacity!

Each day AWS adds the equivalent server

capacity to power Amazon when it was a

global, $5B enterprise

$5.2B retail business

7,800 employees

A whole lot of servers

2003

Migrate existing apps &

data to the cloud

Build new apps, sites,

services & lines of

businesses

Augment On-Premises

resources with cloud

capacity

How Enterprises Use AWS

What is AWS?

AWS Global Infrastructure

Application Services

Networking

Deployment & Administration

Database Storage Compute

AWS Global Infrastructure

9 Regions

25 Availability Zones

Continuous Expansion

Powering the Most Popular Internet Businesses

Trusted by Enterprises

What are Customers Using the AWS Cloud For?

Shell uses AWS to Develop Software Faster and Cheaper

Remote Team

Core Development Team

Extra Development Resources

Contractor Team

Lamborghini uses AWS for Dynamic Webapps

Reduced

infrastructure

costs by 50%

Reduced time to

market to near

Zero

Shaw Media uses AWS for Disaster Recovery

Saved $1.8

Million in

second site

costs

Snapshots for

granular

rollbacks

Primary site

Before

After

Primary site

Disaster Recovery Site

Bankinter uses HPC on AWS for Monte Carlo Simulation

Javier Roldán Director of Technical Innovation

“Bankinter uses AWS as an integral part of our credit-risk simulation application; We need to perform at least 5,000,000 simulations to get realistic results”

Credit Data

Average simulation

time went from 23

hours to 20

minutes

Lionsgate uses AWS To host SharePoint & SAP

Amazon VPC

Avoided data

center build

out

Saved $1M

over

3 years

50% lower

cost than

hosting options

Nasdaq used AWS to Build a New Line of Business

Web Application (PCI-DSS)

Security is Our #1 Priority

Architected for Enterprise Security Requirements

“The Amazon Virtual Private Cloud

[Amazon VPC] was a unique option that

offered an additional level of security and

an ability to integrate with other aspects of

our infrastructure.”

Dr. Michael Miller, Head of HPC for R&D

Shared Responsibility for Security & Compliance

Facilities

Physical Security

Compute Infrastructure

Storage Infrastructure

Network Infrastructure

Virtualization Layer

Operating System

Applications

Security Groups

Firewalls

Network Configuration

Account Management

+ =

Customer

The Whole Customer Community Benefits from Security Improvements

Everyone’s Applications

Security Infrastructure

Security Infrastructure

Requirements Requirements Requirements

AWS CloudHSM

HSM – Hardware Security Module

• A hardware device that performs cryptographic operations and key storage

• Used for strong protection of private keys

• Tamper resistant – keys are protected physically and logically

- If a tampering attempt is detected, the appliance destroys the keys

• Device administration and security administration are logically separate

- Physical control of the appliance does not grant access to the keys

• Certified by 3rd parties to comply with government standards of physical and logical security

- FIPS 140-2

- Common Criteria EAL4+

• Historically located in on-permises datacenters

HSM

SafeNet – AWS Advanced Technology Partner

AWS currently provides Luna SA HSM appliances from SafeNet

What is AWS CloudHSM?

Dedicated access to HSM appliances managed & monitored by AWS, but you control the keys Increase performance for applications that use HSMs for key storage or encryption Comply with stringent regulatory and contractual requirements for key protection

EC2 Instance

AWS CloudHSM

AWS CloudHSM

AWS CloudHSM Service Highlights

• Secure Key Storage – customers retain control of their own keys and

cryptographic operations on the HSM

• Contractual and Regulatory Compliance – helps customers comply with the

most stringent regulatory and contractual requirements for key protection

• Reliable and Durable Key Storage – AWS CloudHSMs are located in

multiple Availability Zones and Regions to help customers build highly available

applications that require secure key storage

• Simple and Secure Connectivity – AWS CloudHSMs are in the customer’s

VPC

• Better Application Performance – reduce network latency and increase the

performance of AWS applications that use HSMs

How Customers Use AWS CloudHSM

Customers use AWS CloudHSM as an architectural building block in securing

applications

– Object encryption

– Digital Rights Management (DRM)

– Document signing

– Secure document repository

– Database encryption

– Transaction processing

AWS Security Resources

• http://aws.amazon.com/security/

• Answers to many security & privacy questions:

– Security Whitepaper

– Risk and Compliance Whitepaper

• Regularly Updated

• Feedback is welcome

Thanks

©Amazon.com, Inc. and its affiliates. All rights reserved.