AWS Public Sector Blog

Category: Security

What you need to know about the Executive Order on Improving the Nation’s Cybersecurity and how AWS can help

President Biden’s executive order emphasizes the need to elevate information security as a core tenet of national security, and calls on federal agencies and public sector organizations to work with the private sector to prioritize the data security and privacy of the American people and government. AWS and AWS Partners can help government agencies align with the initiatives in this executive order.

Read More

How Rockdale County improved operations and security with the cloud

After Rockdale County, Georgia was the victim of two cyber attacks, the jurisdiction turned to the cloud to strengthen the county’s security position. They worked with AWS Partner Tyler Technologies, Inc. to help with their migration, which not only enhanced data security and continuity of operations, but also reduced network downtime by 99 percent, while streamlining budgeting and reducing the IT staff’s burden.

Read More

5 things public sector managers should know about cloud security accreditation programs

Accreditation programs and the organizational models that support them are priority considerations for public sector managers who are modernizing their IT. But managers often consider risk and compliance issues too late in the planning stage. Here are some key principles that can prevent accreditation-related issues from becoming a roadblock to cloud adoption.

Read More

Elevating cloud security to address regulatory requirements for security and disaster recovery

Learn how you can build a foundation of security objectives practices, including a business continuity and disaster recovery plan, that can be adapted to meet a dynamic policy environment and support the missions of national computer security incident response teams (CSIRT), operators of essential services (OES), digital service providers (DSP), and other identified sector organizations.

Read More

How to accelerate CMMC compliance with the new AWS Compliant Framework

The AWS Compliant Framework is an automated solution designed to help customers reduce the time to setup an environment for running secure and scalable workloads while implementing an initial security baseline that meets US federal government standards. The solution was designed to address the requirements for deploying DoD CMMC and DoD Cloud Computing Security Requirements Guide compliant environments.

Read More
close up of judge signing paperwork with pen and gavel

A journey of innovation in CJIS compliance

To protect citizens and save lives, justice and public safety agencies rely on timely access to critical information, such as criminal histories, arrest warrants, stolen vehicles, and 911 call data. Providing this mission critical criminal justice information with five nines (99.999%) availability and protecting it according to the rigorous security requirements prescribed in the Criminal Justice Information Services Security Policy are top priorities for criminal justice agencies (CJA). AWS’s innovative features and security controls can help customers achieve CJIS compliance in a simplified way.

Read More
laptop in dark with code on screen; Photo by Markus Spiske on Unsplash

Remote workforce, web portal, and DevSecOps: Three focus areas for cybersecurity

According to the 2020 Deloitte-NASCIO Cybersecurity Study for state governments, 54 percent of states are not confident in their ability to protect emerging technology. Traditional cybersecurity approaches can result in singularly focused solutions that don’t provide holistic protection. It can also inhibit an organizations’ ability to monitor and respond to security threats in real time. As more organizations shift to cloud-based workloads, security mechanisms and components need to be developed and integrated using a Security by Design (SbD) approach. Our AWS Partners have developed pre-configured security solutions, which allow customers to deploy applications using SbD strategies and also use AWS security solutions to ensure continuous security alignment. 

Read More
exterior shot of government building with columns, looking up sun behind

Introducing Security Solutions for Government Workloads from AWS Partners

Government agencies and public sector organizations need rapidly deployable and dependable security solutions to support their missions. In response to this need, AWS launched the Security Solutions for Government Workloads initiative under the Authority to Operate (ATO) on AWS Program. This initiative works with AWS Public Sector Partners, members of the AWS Partner Network (APN), to develop security solutions designed to meet the unique security and compliance requirements of public sector workloads.

Read More
lock over computer chip

Delegated authentication using OAuth: A case study using Spotify and AWS

Cloud-based technologies allow organizations like governments to build a new application on existing services on the internet that offers open and documented APIs to deliver reliable data. These services have an authentication model so that new users verify their identity before accessing, even if it’s offered at no cost. There are three components in this scenario: a service provider, an end user, and an application that needs to access user data. The key technology here is OAuth. OAuth is a standard that enables access delegation.

Read More
AWS Public Sector Summit 2019 security presentation screenshot

Security in the public sector: The why and how

Cloud security at AWS is the highest priority. AWS customers benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations. We listen closely to our customers to offer both a secure cloud computing environment and innovative security services that satisfy the security and compliance needs of the most risk-sensitive organizations.

Read More