Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

Amazon Web Services

No description
by

jake koelker

on 14 March 2013

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Amazon Web Services

What is AWS? Amazon Web Services offers a complete set of infrastructure and application services that enable you to run virtually everything in the cloud: from enterprise applications and big data projects to social games and mobile apps. Why AWS? Level 1 Service Provider Where is my data stored? Is my environment scanned? E-Commerce Applications Using AWS and Amazon Checkout By Amazon: Amazon Simple Pay: Amazon WebStore: Amazon Mechanical Turk: Cloud Security Alliance AWS MarketPlace Cloud Computing Compute & Networking Storage Database Application Services Deployment & Management Web, Mobile, Social Apps Digital Media & Marketing Business Applications Backup & Archive (in other words: a lot) Low ongoing cost No hardware needed Flexible: Pay for what you use Apps not Ops: No need for IT infrastructure Speed and agility Validated October 31, 2012 "Merchants and other PCI service providers can use the AWS PCI-compliant technology infrastructure for storing, processing, and transmitting credit card information in the cloud, as long as those customers create PCI compliance for their part of the shared environment." Merchant chooses where their data and servers will be stored: US East (Northern Virginia) US West (Northern California) US West (Oregon) GovCloud (Oregon) EU (Ireland) Asia Pacific (Singapore) Asia Pacific (Tokyo) South America (Sao Paulo) AWS partners with independent security firms to perform external vulnerability threat assessments BUT AND AWS regularly scans all internet-facing IP addresses What are my PCI Compliance requirements? AWS, as a service provider, does not directly manage cardholder environment (and therefore, unlike merchants, does not require certification). AWS provides a secure environment that has been validated by a QSA, allowing merchants to establish a secure cardholder environment and to achieve their own certification, having confidence that their underlying technology infrastructure is compliant. For the portion of the PCI cardholder environment deployed in AWS, your QSA can rely on our validated service provider status, but you will still be required to satisfy all other PCI compliance and testing requirements, including how you manage the cardholder environment that you host with AWS. Standard Inline The Cloud Security Alliance (CSA) is a “not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.” [Reference https://cloudsecurityalliance.org/about/] Founded December 2008 The CSA Consensus Assessments Initiative Questionnaire provides a set of questions the CSA anticipates a cloud consumer and/or a cloud auditor would ask of a cloud provider. It provides a series of security, control, and process questions which can then be used for a wide range of uses, including cloud provider selection and security evaluation. AWS has completed this questionnaire. "These scans do not include customer instances" Specifically, addresses how PCI DSS Requirement 12.8 ("if cardholder data is shared with service providers, are policies and procedures maintained and implemented to manage service providers...") applies to various cloud scenarios. Most useful to PCI DSS QSA as well as merchants planning or implementing PCI compliance. Mission is to implement PCI DSS controls in cloud computing environments Covers the shared responsibility between service providers and merchants in implementing PCI DSS controls. Mechanical Turk How are PP merchants utilizing AWS? Website hosting provider (S3): 2 MIDs S3 & EC2 EC2 Enables "compute" in the cloud S3 Enables storage in
the cloud Elastic Compute Cloud Simple Storage Service Geared towards designers Works in concert with other AWS Elastic= increase or decrease capacity in minutes. "Pay as You Go" Host your website here Geared towards designers Data Center/Server Rackspace (S3): 4 MIDs Co-Location/Backup Hosting Provider (EC2): 3 MIDs Types of Software available: Open-source From well-known vendors (IBM, Microsoft, etc) Pay as you go products Free software Hosted software with varied pricing Amazon VPC: Private, isolated portion of AWS Amazon Glacier: lower storage
costs but longer retrieval times
(4-5 hours) Created new website using AWS and had it online in less than one month During 2012 SuperBowl, Shazam app ran on EC2 to support higher traffic volume Built 200 apps for the 20012 campaign using AWS that helped volunteers collaborate Partnered with MarketShare to develop ticketing app called PriceMaster Uses S3 to store log files (100GB/day) Uses VPC for secure environment for computations Uses EC2 to self-host and perform analytics Uses S-3 and EC2 to power iPhone app uses AWS to deliver content of Mars Exploration Program Auto-scaling (more servers during the day- less at night) and S3 for storage (410 TB of info) After database compromise in '08 which caused trouble shipping DVDs, decided to grow and move streaming service to cloud. Streaming service out of cloud in '10. How developers setup FPS User experience with FPS Flexible Payments Service Get a payment from customer Reserve funds on customer's card to settle later Refund completed payments Cancel Transactions A PCI Compliant way to accept payments using AWS Who else is using AWS? *No need to pay for a merchant account; Amazon provides payment processing with the latest Amazon fraud protection Recently migrated streaming video service to AWS Uses AWS to store it's 16 million songs
Full transcript