Steve Schmidt, AWS, at AWS Re:Invent 2013 2013 with John Furrier and Dave Vellante
Dave Vellante and John Furrier, on SiliconANGLE's theCUBE, sat down on Thursday with Steve Schmidt, VP and Chief Information Security Officer for Amazon Web Services. Before joining Amazon, Schmidt was a section chief with the Federal Bureau of Investigation and he has degrees in economics, law and computer science.
Furrier started the conversation noting this must be a very interesting time as security is the primary concern of anyone who is thinking of adopting the cloud for their enterprise. He points out the cloud and Amazon have quite definitely proved themselves on this front. However, Furrier was curious to know what the security conversation was that was occurring, not only internally at Amazon, but also among attendees at the conference.
According to Schmidt, "The biggest conversations we have internally is how we reduce the perimeter around information. Customers are just demanding we keep shrinking the boundaries around information and give them more and more control over who can see what from where and when." He continued, "It used to be people fell into one of two buckets. You were a normal user or maybe you were an administrator. And there wasn't anything in between. That's no longer sufficient. People want to make sure that you can access this data from your smartphone. But somebody else who's not authorized can't."
Schmidt also spoke to the idea of perimeter security in relation to the burgeoning API economy. "It's all about making sure that when you expose information, you do so in a manner that is consistent with customer expectations. So, it's ensuring you've got the right crypto that customers can use to wrap their data up in and keep safe.
"It's also about giving them visibility into their network and the use of their data. Like with Amazon CloudTrail, which we just announced here at the show. It allows customers to see every API call they make into some of our services. And more importantly, it allows them to see behind the scenes on API calls that our services make on their behalf." Schmidt believes, in relation to data breaches, the industry needs to move to a real-time approach. He makes this in light of the fact it takes, on average, 400 days for a breach to be noticed. "One of the things we aimed for with launching CloudTrail is to give customers logs every five minutes." This, he says, will give them more rapid access to be able to identify interesting behavior and to then investigate it and learn what is going on.
@thecube
#AWSreinvent
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
AWS re:Invent 2013 | Las Vegas. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For AWS re:Invent 2013 | Las Vegas
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for AWS re:Invent 2013 | Las Vegas.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
AWS re:Invent 2013 | Las Vegas. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to AWS re:Invent 2013 | Las Vegas
Please sign in with LinkedIn to continue to AWS re:Invent 2013 | Las Vegas. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Steve Schmidt, AWS | AWS Re:Invent 2013
Steve Schmidt, AWS, at AWS Re:Invent 2013 2013 with John Furrier and Dave Vellante
Dave Vellante and John Furrier, on SiliconANGLE's theCUBE, sat down on Thursday with Steve Schmidt, VP and Chief Information Security Officer for Amazon Web Services. Before joining Amazon, Schmidt was a section chief with the Federal Bureau of Investigation and he has degrees in economics, law and computer science.
Furrier started the conversation noting this must be a very interesting time as security is the primary concern of anyone who is thinking of adopting the cloud for their enterprise. He points out the cloud and Amazon have quite definitely proved themselves on this front. However, Furrier was curious to know what the security conversation was that was occurring, not only internally at Amazon, but also among attendees at the conference.
According to Schmidt, "The biggest conversations we have internally is how we reduce the perimeter around information. Customers are just demanding we keep shrinking the boundaries around information and give them more and more control over who can see what from where and when." He continued, "It used to be people fell into one of two buckets. You were a normal user or maybe you were an administrator. And there wasn't anything in between. That's no longer sufficient. People want to make sure that you can access this data from your smartphone. But somebody else who's not authorized can't."
Schmidt also spoke to the idea of perimeter security in relation to the burgeoning API economy. "It's all about making sure that when you expose information, you do so in a manner that is consistent with customer expectations. So, it's ensuring you've got the right crypto that customers can use to wrap their data up in and keep safe.
"It's also about giving them visibility into their network and the use of their data. Like with Amazon CloudTrail, which we just announced here at the show. It allows customers to see every API call they make into some of our services. And more importantly, it allows them to see behind the scenes on API calls that our services make on their behalf." Schmidt believes, in relation to data breaches, the industry needs to move to a real-time approach. He makes this in light of the fact it takes, on average, 400 days for a breach to be noticed. "One of the things we aimed for with launching CloudTrail is to give customers logs every five minutes." This, he says, will give them more rapid access to be able to identify interesting behavior and to then investigate it and learn what is going on.
@thecube
#AWSreinvent
