Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
FinTech スタートアップのセキュリティチェックシートとの向き合い方 / AWS Fin...
Search
Yuichiro SAITO
PRO
November 10, 2022
Technology
0
510
FinTech スタートアップの セキュリティチェックシートとの向き合い方 / AWS FinTech Bootcamp! Compliance
AWS FinTech Bootcamp! 2022/11/15
Yuichiro SAITO
PRO
November 10, 2022
Tweet
Share
More Decks by Yuichiro SAITO
See All by Yuichiro SAITO
クラウドを積極活用したサービスの開発のために / AWS FinTech Bootcamp! Basic
koemu
PRO
0
220
ワークショップFinTech アーキテクチャ / AWS FinTech Bootcamp! Workshop
koemu
PRO
0
200
正しい理解で作る安心安全な FinTech の IT インフラ / tech play aws 2022 2
koemu
PRO
1
250
AWSの「今」 -PHPのコードを素早く動かすためのサービスのご紹介 / PHPCon2022 AWS Japan Session
koemu
PRO
2
1.9k
PdMとエンジニアのより良いコミュニケーションに向けて / Improve communication between Product Manager and Software Engineer
koemu
PRO
1
480
フェイズ別・スタートアップ企業への技術選定 シード編 #AWS #AWSStartup / Startup Tech 101 for Seed
koemu
PRO
0
470
AWSを使って送金機能を実装してみよう - 「sunabar-GMOあおぞらネット銀行API実験場-」コミュニティイベント第6弾
koemu
PRO
0
980
Hardening II SU Softening Day - Team カムイ Presentation
koemu
PRO
0
3.6k
Software Development at Mercari #ioi2018
koemu
PRO
0
1.1k
Other Decks in Technology
See All in Technology
Introduction to Works of ML Engineer in LY Corporation
lycorp_recruit_jp
0
140
SRE×AIOpsを始めよう!GuardDutyによるお手軽脅威検出
amixedcolor
0
180
SREが投資するAIOps ~ペアーズにおけるLLM for Developerへの取り組み~
takumiogawa
1
440
VideoMamba: State Space Model for Efficient Video Understanding
chou500
0
190
マルチプロダクトな開発組織で 「開発生産性」に向き合うために試みたこと / Improving Multi-Product Dev Productivity
sugamasao
1
310
いざ、BSC討伐の旅
nikinusu
2
780
AI前提のサービス運用ってなんだろう?
ryuichi1208
8
1.4k
DynamoDB でスロットリングが発生したとき_大盛りver/when_throttling_occurs_in_dynamodb_long
emiki
1
430
CysharpのOSS群から見るModern C#の現在地
neuecc
2
3.5k
OCI Security サービス 概要
oracle4engineer
PRO
0
6.5k
組織成長を加速させるオンボーディングの取り組み
sudoakiy
2
220
データプロダクトの定義からはじめる、データコントラクト駆動なデータ基盤
chanyou0311
2
330
Featured
See All Featured
Agile that works and the tools we love
rasmusluckow
327
21k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
44
2.2k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
38
1.8k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
31
2.7k
Designing the Hi-DPI Web
ddemaree
280
34k
Stop Working from a Prison Cell
hatefulcrawdad
267
20k
Visualization
eitanlees
145
15k
Art, The Web, and Tiny UX
lynnandtonic
297
20k
Thoughts on Productivity
jonyablonski
67
4.3k
Speed Design
sergeychernyshev
25
620
Transcript
© 2022, Amazon Web Services, Inc. or its affiliates. All
rights reserved. FinTech 2022/11/15
• ( ) • • 20 • Amazon Lightsail, Amazon
Route 53 @koemu
• − • FISC FISC •
Disclaimer • • • AWS • AWS
1. 2. AWS 3. 4. 5.
None
✖ ( ) ( FinTech) ( )
z ⾒
FinTech Startups ( ) ( ) FISC PCI DSS NIST
SP800 ISMS SOC2 FedRAMP ISO/IEC 27001 3850
FISC ( ) 2022 7 10 FISC --- (FISC )
1985 12 FISC (FISC )
AWS ( ) ( ) https://aws.amazon.com/jp/compliance/shared-responsibility-model/
AWS
FISC (FISC ) FISC AWS AWS https://aws.amazon.com/jp/compliance/fisc/
AWS AWS AWS https://d0.awsstatic.com/whitepapers/compliance/JP_Whitepapers/AWS_Risk_and_Complia nce_Overview_JP.pdf
AWS Artifact AWS Adobe Acrobat FISC SOC2 PCI ISO27001
None
AWS NO FISC / YES FISC AWS AWS Artifact AWS
• 1) • − AWS Fargate − Amazon Aurora MySQL
蓄 − Amazon Elastic Load Balancer AWS WAF 蓄 AWS Cloud VPC Amaazon CloudFront AWS WAF Elastic Load Balancing AWS Fargate Amazon Aurora
• − 1) • − AWS AWS AWS
FISC • − 1) • FISC 49 →
• − 1) • − ✖: ※ − : AWS
− : AWS ISO/IEC 27001 AWS AWS AWS • − ⾒ AWS ⾒
None
AWS Security Hub AWS Security Hub FinTech https://aws.amazon.com/jp/security-hub/
FISC Well-Architected Framework FSI Lens for FISC Baseline Environment on
AWS for FSI 3 https://github.com/aws-samples/baseline-environment-on-aws-for-financial-services-institute
Fintech Blueprint on AWS FinTech AWS CloudFormation https://aws.amazon.com/jp/quickstart/architecture/fintech-blueprint/
AWS PCI DSS PCI DSS AWS https://d1.awsstatic.com/whitepapers/ja_JP/compliance/pci-dss-compliance-on-aws.pdf
NIST SP800-53, 171 AWS AWS https://docs.aws.amazon.com/ja_jp/config/latest/developerguide/operational-best- practices-for-nist-800-53_rev_5.html https://docs.aws.amazon.com/ja_jp/config/latest/developerguide/operational-best- practices-for-nist_800-171.html
Q&A
( ) • − • FISC FISC •
Thank you © 2022, Amazon Web Services, Inc. or its
affiliates. All rights reserved.