Category: Security, Identity, & Compliance

Cloud-based technologies allow organizations like governments to build a new application on existing services on the internet that offers open and documented APIs to deliver reliable data. These services have an authentication model so that new users verify their identity before accessing, even if it’s offered at no cost. There are three components in this scenario: a service provider, an end user, and an application that needs to access user data. The key technology here is OAuth. OAuth is a standard that enables access delegation.

Customers with stringent regulatory or risk-averse considerations may look to Zero Trust architectures to refactor legacy applications or deploy new ones. This blog will help you evaluate your application architecture against Zero Trust principles and use AWS to build secure and scalable architectures.

Cloud security at AWS is the highest priority. AWS customers benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations. We listen closely to our customers to offer both a secure cloud computing environment and innovative security services that satisfy the security and compliance needs of the most risk-sensitive organizations.

The Government of Canada (GC) signed a framework agreement with AWS to provide Commercially Available Cloud Services for workloads up to the level of Protected B/Medium Integrity/Medium Availability (PBMM). Having a contract vehicle with a Cloud Service Provider (CSP) is a significant step forward in modernizing digital government for Canadians, and will further the Government of Canada’s Cloud and digital strategy. This contract is in addition to the procurement vehicle for unclassified data announced in 2018.

This month, Amazon Web Services (AWS) and California IT in Education (CITE, formerly CETPA) announced the new California AB 1584 Compliance Addendum, a contract addendum available to AWS customers in California that are required to affirm compliance with California Assembly Bill 1584 (AB 1584) in California Education Code Section 49073.1.

A key aspect of cloud adoption is determining how identities will be managed. Typically, federal government customers want to use the same identities managed by their Identity Management System (IDMS) to access cloud resources. Federal agencies have their own well-managed, NIST and HSPD-12 compliant IDMS for issuing, revoking, and entitlements management of their identities. These […]