AWS Public Sector Blog

Category: AWS Artifact

Accelerate IRAP readiness with AWS and Wiz

Accelerate IRAP readiness with AWS and Wiz

As organisations modernise to meet the evolving expectations of the Australian Government, delivering secure, cloud-based services has become a commercial and operational necessity. This transformation brings a critical challenge: maintaining a hardened security posture while aligning to the Information Security Registered Assessors Program (IRAP) assessment requirements and priorities.

MARS-E to ARC-AMPE: Guide for state Medicaid agencies on AWS

MARS-E to ARC-AMPE: Guide for state Medicaid agencies on AWS

This post is for two audiences. The first is agencies already running MARS-E-compliant workloads on AWS that are looking to map their existing posture onto the new framework. The second is agencies planning a migration from on-premises infrastructure where ARC-AMPE will be in scope from the first day.

Introducing the AWS Australian public sector user guide for building responsible AI systems

Introducing the AWS Australian public sector user guide for building responsible AI systems

Australian public sector agencies can now harness AI’s transformative potential while maintaining ethical, transparent, and compliant systems with new practical guidance from Amazon Web Services (AWS). AWS is excited to announce that the AWS Australian Public Sector User Guide: Building Responsible AI systems with Amazon Bedrock and Amazon SageMaker AI is now available through AWS […]

Prepare for FedRAMP 20x with AWS automation and validation

Prepare for FedRAMP 20x with AWS automation and validation

This post shows you how to use Amazon Web Services (AWS) services to meet Federal Risk and Authorization Management Program (FedRAMP) 20x requirements, reducing authorization time from months to weeks through automated compliance pipelines and continuous validation. You’ll learn how to build a trust center, automate vulnerability detection, generate Key Security Indicators (KSIs), and implement […]

AWS Branded Background with text "Hosting regulated U.S. State and Local Government Workloads in AWS"

Hosting regulated U.S. State and Local Government Workloads in AWS

U.S. State and Local Government (SLG) organizations often have requirements to host regulated workloads with distinct compliance requirements. Amazon Web Services (AWS) provides U.S. SLG customers with an approach to meet compliance needs by using AWS GovCloud (US) regions or AWS U.S. commercial regions. In this post, we will explain how some U.S. SLG regulated workloads can be hosted in the AWS U.S. commercial regions.

Complying with updated NIH Genomic Data Sharing policies on AWS

The National Institutes of Health (NIH) has long maintained guidelines governing the responsible management of controlled access human genomic and phenotypic data maintained in NIH-designated data repositories. Recently, the NIH updated these guidelines to align with the NIST SP 800-171 security standard, which defines a comprehensive framework for securing Controlled Unclassified Information (CUI). In this blog post, we will explore the specifics of the updated NIH guidance and outline how Amazon Web Services (AWS) can help customers build a compliant environment to meet these requirements.

AWS branded background design with text overlay that says "How AWS can enable the Government of Canada’s 2023-2026 Data Strategy"

How AWS can enable the Government of Canada’s 2023-2026 Data Strategy

The potential of open data to transform governance and public services is immense, but realizing this potential requires overcoming common obstacles. In this post, we will explore best practices and solutions for Canadian public sector organizations seeking to use the cloud for open data, specifically examining how Amazon Web Services (AWS) can enable open data success.

Securing and automating compliance in the public sector with AWS

Compliance is essential, but ensuring compliance in the cloud with various regulations and standards can be challenging, especially for public sector organizations. The requirements are highly dynamic, constantly evolving, and they vary across countries. Read this blog post to learn about the Amazon Web Services (AWS) resources that can help customers meet compliance requirements, reduce their time and effort, and focus on core business objectives.

Support FedRAMP and CMMC compliance with the Landing Zone Accelerator on AWS

Support FedRAMP and CMMC compliance with the Landing Zone Accelerator on AWS

Some US federal agencies and those who collaborate with them must support an automated, secure, and scalable multi-account cloud environment that meets Federal Risk and Authorization Management Program (FedRAMP) and Cybersecurity Maturity Model Certification (CMMC) standards. To support these needs, AWS customers and partners can deploy the Landing Zone Accelerator (LZA) on AWS. Recently, AWS worked with Coalfire, a FedRAMP-approved third-party assessment organization (3PAO) and AWS Partner, to assess and verify the LZA solution.

How NRCan used an AWS open source solution to complete a PBMM evidence package in 60 days

Since signing a framework agreement with the Government of Canada (GC) in 2019, AWS has developed an open source solution to automate the deployment of security controls for GC customers, which can reduce the time it takes to achieve an Authority to Operate (ATO). Natural Resources Canada (NRCan) used this solution to implement their cloud landing zone controls aligned with the Protected B, Medium Integrity, Medium Availability (PBMM) profile. They worked with AWS Partner Kainos to complete an ATO evidence package in only 60 days—a process that typically takes 18 months.