According to the 2020 Deloitte-NASCIO Cybersecurity Study for state governments, 54 percent of states are not confident in their ability to protect emerging technology. Traditional cybersecurity approaches can result in singularly focused solutions that don’t provide holistic protection. It can also inhibit an organizations’ ability to monitor and respond to security threats in real time. As more organizations shift to cloud-based workloads, security mechanisms and components need to be developed and integrated using a Security by Design (SbD) approach. Our AWS Partners have developed pre-configured security solutions, which allow customers to deploy applications using SbD strategies and also use AWS security solutions to ensure continuous security alignment.
Government agencies and public sector organizations need rapidly deployable and dependable security solutions to support their missions. In response to this need, AWS launched the Security Solutions for Government Workloads initiative under the Authority to Operate (ATO) on AWS Program. This initiative works with AWS Public Sector Partners, members of the AWS Partner Network (APN), to develop security solutions designed to meet the unique security and compliance requirements of public sector workloads.
Cloud-based technologies allow organizations like governments to build a new application on existing services on the internet that offers open and documented APIs to deliver reliable data. These services have an authentication model so that new users verify their identity before accessing, even if it’s offered at no cost. There are three components in this scenario: a service provider, an end user, and an application that needs to access user data. The key technology here is OAuth. OAuth is a standard that enables access delegation.
Cloud security at AWS is the highest priority. AWS customers benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations. We listen closely to our customers to offer both a secure cloud computing environment and innovative security services that satisfy the security and compliance needs of the most risk-sensitive organizations.