AWS Public Sector Blog
Category: AWS Config
Migrating to a multi-account strategy for public sector customers
A multi-account strategy is important for Amazon Web Services (AWS) public sector customers because it is the foundation of cloud governance and compliance. Public sector customers using a shared account model can improve security and operational efficiency by adopting a multi-account strategy. In this post, we explore methods for existing AWS public sector customers to prepare for and migrate to a multi-account environment.
Simplify firewall deployments using centralized inspection architecture with Gateway Load Balancer
As government organizations transition to Amazon Web Services (AWS), they often seek to maintain operational continuity by using their existing on-premises firewall solutions. Gateway Load Balancer (GWLB) enables seamless integration of these firewall appliances into the AWS architecture, ensuring consistent security policies and minimizing disruptions. This post explores best practices for implementing GWLB to facilitate centralized traffic inspection for both east-west and north-south traffic flows.
University of British Columbia Cloud Innovation Centre: Governing an innovation hub using AWS management services
In January 2020, Amazon Web Services (AWS) inaugurated a Cloud Innovation Centre (CIC) at the University of British Columbia (UBC). The CIC uses emerging technologies to solve real-world problems and has produced more than 50 prototypes in sectors like healthcare, education, and research. The Centre’s work has involved 300-plus AWS accounts across various groups, including external collaborators, UBC staff, students, and researchers. This post discusses the management of AWS in higher education institutions, emphasizing governance to securely foster innovation without compromising security and detailing policies and responsibilities for managing AWS accounts across projects and research.
Streamlining digital transformation in German healthcare with AWS
Healthcare organizations worldwide are leveraging Amazon Web Services (AWS) and partner solutions to modernize, transform, and innovate their businesses. Ensuring the availability and security of critical applications is paramount. For example, two renowned German medical facilities, Fachklinikum Mainschleife and Max Grundig Klinik, needed to modernize their IT infrastructure to comply with stringent regulatory requirements outlined in the country’s Law for Accelerating the Digitalization of Healthcare (DigiG). Reliable and compliant service offerings from AWS enabled the medical facilities to provide reliable access to essential systems.
AWS expands program offering low-to-no cost security services for federal political campaigns and committees
Amazon Web Services (AWS) is continuing its collaboration with Defending Digital Campaigns (DDC) to offer more than 20 cybersecurity-related AWS services for low-to-no cost to all active and registered national party committees and federal candidate campaigns.
Building compliant healthcare solutions using Landing Zone Accelerator
In this post, we explore the complexities of data privacy and controls on Amazon Web Services (AWS), examine how creating a landing zone within which to contain such data is important, and highlight the differences between creating a landing zone from scratch compared with using the AWS Landing Zone Accelerator (LZA) for Healthcare. To aid explanation, we use a simple healthcare workload as an example. We also explain how LZA for Healthcare codifies HIPAA controls and AWS Security Best Practices to accelerate the creation of an environment to run protective health information workloads in AWS.
How to migrate to the new AWS Ground Station Agent launching March 28
On March 28, Amazon Web Services (AWS) will release a new version of the AWS Ground Station Agent (agent), which is not compatible with past agent releases. In order to maintain operational continuity of Ground Station environments, agent users must follow the instructions provided in this blog post before upgrading to the March 28 version of the agent.
How credit unions can evaluate their FFIEC, NCUA cyber compliance using AWS
Credit unions face unique security, regulatory, and compliance obligations. These requirements mean that a sound cybersecurity posture is essential for credit unions across both cloud workloads and on-premises technology. Read this blog post to learn how Amazon Web Services (AWS) can help credit unions prepare for audits, assess security posture, and produce documentation for state or federal regulators.
Securing and automating compliance in the public sector with AWS
Compliance is essential, but ensuring compliance in the cloud with various regulations and standards can be challenging, especially for public sector organizations. The requirements are highly dynamic, constantly evolving, and they vary across countries. Read this blog post to learn about the Amazon Web Services (AWS) resources that can help customers meet compliance requirements, reduce their time and effort, and focus on core business objectives.
Navigating ISM and Essential Eight compliance with AWS Config for Australian government agencies
To help our Australian customers, AWS provides pre-built conformance packs for the Australian Cyber Security Centre (ACSC) Essential Eight Maturity Model and the ACSC Information Security Manual (ISM). The ACSC’s Essential Eight was first published in 2017 and is a set of prioritised security mitigation strategies designed to help protect organisations against various security threats. In this blog post, I walk you through how to set up a conformance pack in AWS Config that is designed to help you implement and track the ASCS Essential Eight model.