AWS Public Sector Blog

Category: Security, Identity, & Compliance

laptop in dark with code on screen; Photo by Markus Spiske on Unsplash

Remote workforce, web portal, and DevSecOps: Three focus areas for cybersecurity

According to the 2020 Deloitte-NASCIO Cybersecurity Study for state governments, 54 percent of states are not confident in their ability to protect emerging technology. Traditional cybersecurity approaches can result in singularly focused solutions that don’t provide holistic protection. It can also inhibit an organizations’ ability to monitor and respond to security threats in real time. As more organizations shift to cloud-based workloads, security mechanisms and components need to be developed and integrated using a Security by Design (SbD) approach. Our AWS Partners have developed pre-configured security solutions, which allow customers to deploy applications using SbD strategies and also use AWS security solutions to ensure continuous security alignment. 

Read More
IDC whitepaper: How government agencies meet security and compliance requirements with the cloud

New IDC whitepaper released: How government agencies meet security and compliance requirements with the cloud

A new IDC whitepaper, sponsored by AWS, “How Government Agencies Meet Security and Compliance Requirements in the Cloud” examines why federal agencies are moving more systems and information to the cloud as a launching point for agency-wide IT modernization. The paper shares executive, legislative, and other government-wide initiatives influencing agencies to accelerate their cloud adoption plans, risks IT leaders face by delaying cloud migrations, and how secure, compliant cloud environments help agencies achieve compliance and security for their sensitive workloads.

Read More
Sweden skyline at dusk

Announcing AWS ClearStart for Swedish public sector to accelerate security and regulatory compliance

To help our public sector customers in Sweden accelerate their journey to the cloud, we are launching the AWS ClearStart program. AWS ClearStart helps organizations meet security and regulatory needs through a set of guides, trainings, technology tools, and cloud computing experts to simplify the process of complying with Swedish and EU regulations, including the Public Access to Information and Secrecy Act (OSL) and General Data Protection Regulation (GDPR), as well as with international information security standards, such as ISO/IEC27001.

Read More
exterior shot of government building with columns, looking up sun behind

Introducing Security Solutions for Government Workloads from AWS Partners

Government agencies and public sector organizations need rapidly deployable and dependable security solutions to support their missions. In response to this need, AWS launched the Security Solutions for Government Workloads initiative under the Authority to Operate (ATO) on AWS Program. This initiative works with AWS Public Sector Partners, members of the AWS Partner Network (APN), to develop security solutions designed to meet the unique security and compliance requirements of public sector workloads.

Read More
Self-Service Security Assessment with ransomware analysis modules

Assess your security posture to identify and remediate security gaps susceptible to ransomware

As government agencies and public sector organizations modernize their IT and migrate to the AWS Cloud, the ability to gain a full, clear view of the security of their environments is a primary challenge they experience. This lack of visibility leads to blind spots and gaps in their security posture, leaving opportunity for security issues to arise. As a result, AWS developed a new open source Self-Service Security Assessment (with ransomware analysis modules) tool that provides customers with a point-in-time assessment to quickly gain valuable insights into the security posture of their AWS account.

Read More
Security

Top sessions on security for the public sector from AWS re:Inforce 2019

Until we can meet again, we’ve curated a collection of the top AWS re:Inforce 2019 sessions for security and compliance professionals in the public sector. These sessions answer the compliance questions you were afraid to ask, share ways to harness diversity in your security organization, explore how AWS security services can help encrypt data, manage security alerts, and automate compliance.

Read More
FedRAMP workbook automation

Automating creation of a FedRAMP Integrated Inventory Workbook

Did you know AWS can help deliver an automated solution for creating the FedRAMP Integrated Inventory Workbook? This workbook needs to be updated and submitted to the FedRAMP Project Management Office (PMO) monthly for continuous monitoring. Automating this workbook saves manual work hours. Any customer going through the FedRAMP authorization process can leverage this workbook. Understand how to gather an inventory of AWS resources from AWS Config data to create the FedRAMP Integrated Inventory Workbook.

Read More
lock over computer chip

Delegated authentication using OAuth: A case study using Spotify and AWS

Cloud-based technologies allow organizations like governments to build a new application on existing services on the internet that offers open and documented APIs to deliver reliable data. These services have an authentication model so that new users verify their identity before accessing, even if it’s offered at no cost. There are three components in this scenario: a service provider, an end user, and an application that needs to access user data. The key technology here is OAuth. OAuth is a standard that enables access delegation.

Read More
zero trust architecture

How to think about Zero Trust architectures on AWS

Customers with stringent regulatory or risk-averse considerations may look to Zero Trust architectures to refactor legacy applications or deploy new ones. This blog will help you evaluate your application architecture against Zero Trust principles and use AWS to build secure and scalable architectures.

Read More
AWS Public Sector Summit 2019 security presentation screenshot

Security in the public sector: The why and how

Cloud security at AWS is the highest priority. AWS customers benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations. We listen closely to our customers to offer both a secure cloud computing environment and innovative security services that satisfy the security and compliance needs of the most risk-sensitive organizations.

Read More