FinTech スタートアップのセキュリティチェックシートとの向き合い方 / AWS FinTech Bootcamp! Compliance

© 2022, Amazon Web Services, Inc. or its affiliates. All
rights reserved. FinTech 2022/11/15

• ( ) • • 20 • Amazon Lightsail, Amazon
Route 53 @koemu

• − • FISC FISC •

Disclaimer • • • AWS • AWS

1. 2. AWS 3. 4. 5.

✖ ( ) ( FinTech) ( )

FinTech Startups ( ) ( ) FISC PCI DSS NIST
SP800 ISMS SOC2 FedRAMP ISO/IEC 27001 3850

FISC ( ) 2022 7 10 FISC --- (FISC )
1985 12 FISC (FISC )

AWS ( ) ( ) https://aws.amazon.com/jp/compliance/shared-responsibility-model/

FISC (FISC ) FISC AWS AWS https://aws.amazon.com/jp/compliance/fisc/

AWS AWS AWS https://d0.awsstatic.com/whitepapers/compliance/JP_Whitepapers/AWS_Risk_and_Complia nce_Overview_JP.pdf

AWS Artifact AWS Adobe Acrobat FISC SOC2 PCI ISO27001

AWS NO FISC / YES FISC AWS AWS Artifact AWS

• 1) • − AWS Fargate − Amazon Aurora MySQL
蓄 − Amazon Elastic Load Balancer AWS WAF 蓄 AWS Cloud VPC Amaazon CloudFront AWS WAF Elastic Load Balancing AWS Fargate Amazon Aurora

• − 1) • − AWS AWS AWS

FISC • − 1) • FISC 49 →

• − 1) • − ✖: ※ − : AWS
− : AWS ISO/IEC 27001 AWS AWS AWS • − ⾒ AWS ⾒

AWS Security Hub AWS Security Hub FinTech https://aws.amazon.com/jp/security-hub/

FISC Well-Architected Framework FSI Lens for FISC Baseline Environment on
AWS for FSI 3 https://github.com/aws-samples/baseline-environment-on-aws-for-financial-services-institute

Fintech Blueprint on AWS FinTech AWS CloudFormation https://aws.amazon.com/jp/quickstart/architecture/ﬁntech-blueprint/

AWS PCI DSS PCI DSS AWS https://d1.awsstatic.com/whitepapers/ja_JP/compliance/pci-dss-compliance-on-aws.pdf

NIST SP800-53, 171 AWS AWS https://docs.aws.amazon.com/ja_jp/config/latest/developerguide/operational-best- practices-for-nist-800-53_rev_5.html https://docs.aws.amazon.com/ja_jp/config/latest/developerguide/operational-best- practices-for-nist_800-171.html

( ) • − • FISC FISC •

FinTech スタートアップのセキュリティチェックシートとの向き合い方 / AWS Fin...

FinTech スタートアップのセキュリティチェックシートとの向き合い方 / AWS FinTech Bootcamp! Compliance

Yuichiro SAITO

More Decks by Yuichiro SAITO

Other Decks in Technology

Featured

Transcript

© 2022, Amazon Web Services, Inc. or its affiliates. All

• ( ) • • 20 • Amazon Lightsail, Amazon

• − • FISC FISC •

Disclaimer • • • AWS • AWS

1. 2. AWS 3. 4. 5.

✖ ( ) ( FinTech) ( )

z ⾒

FinTech Startups ( ) ( ) FISC PCI DSS NIST

FISC ( ) 2022 7 10 FISC --- (FISC )

AWS ( ) ( ) https://aws.amazon.com/jp/compliance/shared-responsibility-model/

AWS

FISC (FISC ) FISC AWS AWS https://aws.amazon.com/jp/compliance/fisc/

AWS AWS AWS https://d0.awsstatic.com/whitepapers/compliance/JP_Whitepapers/AWS_Risk_and_Complia nce_Overview_JP.pdf

AWS Artifact AWS Adobe Acrobat FISC SOC2 PCI ISO27001

AWS NO FISC / YES FISC AWS AWS Artifact AWS

• 1) • − AWS Fargate − Amazon Aurora MySQL

• − 1) • − AWS AWS AWS

FISC • − 1) • FISC 49 →

• − 1) • − ✖: ※ − : AWS

AWS Security Hub AWS Security Hub FinTech https://aws.amazon.com/jp/security-hub/

FISC Well-Architected Framework FSI Lens for FISC Baseline Environment on

Fintech Blueprint on AWS FinTech AWS CloudFormation https://aws.amazon.com/jp/quickstart/architecture/ﬁntech-blueprint/

AWS PCI DSS PCI DSS AWS https://d1.awsstatic.com/whitepapers/ja_JP/compliance/pci-dss-compliance-on-aws.pdf

NIST SP800-53, 171 AWS AWS https://docs.aws.amazon.com/ja_jp/config/latest/developerguide/operational-best- practices-for-nist-800-53_rev_5.html https://docs.aws.amazon.com/ja_jp/config/latest/developerguide/operational-best- practices-for-nist_800-171.html

Q&A

( ) • − • FISC FISC •

Thank you © 2022, Amazon Web Services, Inc. or its

FinTech スタートアップの セキュリティチェックシートとの向き合い方 / AWS Fin...

FinTech スタートアップの セキュリティチェックシートとの向き合い方 / AWS FinTech Bootcamp! Compliance

More Decks by Yuichiro SAITO

Other Decks in Technology

Featured

Transcript

FinTech スタートアップのセキュリティチェックシートとの向き合い方 / AWS Fin...

FinTech スタートアップのセキュリティチェックシートとの向き合い方 / AWS FinTech Bootcamp! Compliance