Category: Security, Identity, & Compliance

According to the 2020 Deloitte-NASCIO Cybersecurity Study for state governments, 54 percent of states are not confident in their ability to protect emerging technology. Traditional cybersecurity approaches can result in singularly focused solutions that don’t provide holistic protection. It can also inhibit an organizations’ ability to monitor and respond to security threats in real time. As more organizations shift to cloud-based workloads, security mechanisms and components need to be developed and integrated using a Security by Design (SbD) approach. Our AWS Partners have developed pre-configured security solutions, which allow customers to deploy applications using SbD strategies and also use AWS security solutions to ensure continuous security alignment. 

A new IDC whitepaper, sponsored by AWS, “How Government Agencies Meet Security and Compliance Requirements in the Cloud” examines why federal agencies are moving more systems and information to the cloud as a launching point for agency-wide IT modernization. The paper shares executive, legislative, and other government-wide initiatives influencing agencies to accelerate their cloud adoption plans, risks IT leaders face by delaying cloud migrations, and how secure, compliant cloud environments help agencies achieve compliance and security for their sensitive workloads.

To help our public sector customers in Sweden accelerate their journey to the cloud, we are launching the AWS ClearStart program. AWS ClearStart helps organizations meet security and regulatory needs through a set of guides, trainings, technology tools, and cloud computing experts to simplify the process of complying with Swedish and EU regulations, including the Public Access to Information and Secrecy Act (OSL) and General Data Protection Regulation (GDPR), as well as with international information security standards, such as ISO/IEC27001.

Government agencies and public sector organizations need rapidly deployable and dependable security solutions to support their missions. In response to this need, AWS launched the Security Solutions for Government Workloads initiative under the Authority to Operate (ATO) on AWS Program. This initiative works with AWS Public Sector Partners, members of the AWS Partner Network (APN), to develop security solutions designed to meet the unique security and compliance requirements of public sector workloads.

As government agencies and public sector organizations modernize their IT and migrate to the AWS Cloud, the ability to gain a full, clear view of the security of their environments is a primary challenge they experience. This lack of visibility leads to blind spots and gaps in their security posture, leaving opportunity for security issues to arise. As a result, AWS developed a new open source Self-Service Security Assessment (with ransomware analysis modules) tool that provides customers with a point-in-time assessment to quickly gain valuable insights into the security posture of their AWS account.

Later this year, the Cybersecurity Maturity Model Certification (CMMC) accreditation framework will take effect, impacting U.S. DoD contractors, supply chain, solution providers, and systems integrators. The DoD estimates that more than 300,000 organizations will require certification. In addition, other U.S. federal agencies and international organizations may adopt a similar framework to protect their intellectual property (IP). No matter the size of your organization, cloud-based services can help you meet the requirements of CMMC.

Until we can meet again, we’ve curated a collection of the top AWS re:Inforce 2019 sessions for security and compliance professionals in the public sector. These sessions answer the compliance questions you were afraid to ask, share ways to harness diversity in your security organization, explore how AWS security services can help encrypt data, manage security alerts, and automate compliance.

Did you know AWS can help deliver an automated solution for creating the FedRAMP Integrated Inventory Workbook? This workbook needs to be updated and submitted to the FedRAMP Project Management Office (PMO) monthly for continuous monitoring. Automating this workbook saves manual work hours. Any customer going through the FedRAMP authorization process can leverage this workbook. Understand how to gather an inventory of AWS resources from AWS Config data to create the FedRAMP Integrated Inventory Workbook.

Cloud-based technologies allow organizations like governments to build a new application on existing services on the internet that offers open and documented APIs to deliver reliable data. These services have an authentication model so that new users verify their identity before accessing, even if it’s offered at no cost. There are three components in this scenario: a service provider, an end user, and an application that needs to access user data. The key technology here is OAuth. OAuth is a standard that enables access delegation.

Customers with stringent regulatory or risk-averse considerations may look to Zero Trust architectures to refactor legacy applications or deploy new ones. This blog will help you evaluate your application architecture against Zero Trust principles and use AWS to build secure and scalable architectures.