How FinTech Startups Should Approach Security Check Sheets / AWS FinTech Bootcamp! Compliance

AWS FinTech Bootcamp! 2022/11/15

Yuichiro SAITO

November 10, 2022

Transcript

  1. © 2022, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. FinTech 2022/11/15
  2. • ( ) • • 20 • Amazon Lightsail, Amazon

    Route 53 @koemu
  3. • − • FISC FISC •

  4. Disclaimer • • • AWS • AWS

  5. 1. 2. AWS 3. 4. 5.

  6. None
  7. ✖ ( ) ( FinTech) ( )

  8. z ⾒

  9. FinTech Startups ( ) ( ) FISC PCI DSS NIST

    SP800 ISMS SOC2 FedRAMP ISO/IEC 27001 3850
  10. FISC ( ) 2022 7 10 FISC --- (FISC )

    1985 12 FISC (FISC )
  11. AWS ( ) ( ) https://aws.amazon.com/jp/compliance/shared-responsibility-model/

  12. AWS

  13. FISC (FISC ) FISC AWS AWS https://aws.amazon.com/jp/compliance/fisc/

  14. AWS AWS AWS https://d0.awsstatic.com/whitepapers/compliance/JP_Whitepapers/AWS_Risk_and_Compliance_Overview_JP.pdf

  15. AWS Artifact AWS Adobe Acrobat FISC SOC2 PCI ISO27001

  16. None
  17. AWS NO FISC / YES FISC AWS AWS Artifact AWS

  18. • 1) • − AWS Fargate − Amazon Aurora MySQL

    蓄 − Amazon Elastic Load Balancer AWS WAF 蓄 AWS Cloud VPC Amazon CloudFront AWS WAF Elastic Load Balancing AWS Fargate Amazon Aurora
  19. • − 1) • − AWS AWS AWS

  20. FISC • − 1) • FISC 49 →

  21. • − 1) • − ✖: ※ − : AWS

    − : AWS ISO/IEC 27001 AWS AWS AWS • − ⾒ AWS ⾒
  22. None
  23. AWS Security Hub AWS Security Hub FinTech https://aws.amazon.com/jp/security-hub/

  24. FISC Well-Architected Framework FSI Lens for FISC Baseline Environment on

    AWS for FSI 3 https://github.com/aws-samples/baseline-environment-on-aws-for-financial-services-institute
  25. Fintech Blueprint on AWS FinTech AWS CloudFormation https://aws.amazon.com/jp/quickstart/architecture/fintech-blueprint/

  26. AWS PCI DSS PCI DSS AWS https://d1.awsstatic.com/whitepapers/ja_JP/compliance/pci-dss-compliance-on-aws.pdf

  27. NIST SP800-53, 171 AWS AWS https://docs.aws.amazon.com/ja_jp/config/latest/developerguide/operational-best-practices-for-nist-800-53_rev_5.html https://docs.aws.amazon.com/ja_jp/config/latest/developerguide/operational-best-practices-for-nist_800-171.html

  28. Q&A

  29. ( ) • − • FISC FISC •

  30. Thank you