AWS Public Sector Blog

Remote workforce, web portal, and DevSecOps: Three focus areas for cybersecurity

laptop in dark with code on screen; Photo by Markus Spiske on Unsplash

Happy Cybersecurity Month!

According to the 2020 Deloitte-NASCIO Cybersecurity Study for state governments, 54 percent of states are not confident in their ability to protect emerging technology. Traditional cybersecurity approaches can result in singularly focused solutions that don’t provide holistic protection. It can also inhibit an organizations’ ability to monitor and respond to security threats in real time. As more organizations shift to cloud-based workloads, security mechanisms and components need to be developed and integrated using a Security by Design (SbD) approach.

An SbD approach focuses on integrating DevOps and security into a unified approach (e.g. Infrastructure as Code) and leveraging pre-defined templates so environments are built to explicit requirements and standards. These approaches use native cloud solutions and partner solutions for seamless interconnectivity among the different components.

Our Amazon Web Services (AWS) Partners have developed pre-configured (e.g. Infrastructure as Code) security solutions, which allow customers to deploy applications using SbD strategies and also use AWS security solutions (e.g. AWS Security Hub, AWS Config, and AWS Lambda) to ensure continuous security alignment. With our public sector partners, we see three focus areas for partner-designed offerings: remote workforce security, web portal security, and DevSecOps.

1. Remote workforce security

The sudden surge in work-from-home arrangements increased the opportunity for cyberattacks. When the pandemic first hit, organizations went from 10% of the workforce working from home to 90%, and many found that their systems were not designed to take on the increased load. AWS and our AWS Partners work together to create SbD solutions to help our public sector customers scale their remote workforces.

CloudHesive, an AWS Partner, built their Centricity Secure Workspaces Platform to help organizations operationalize and secure Amazon WorkSpaces at scale. Centricity powered by AWS, extends Tier-1 management capabilities to a typical user. This eliminates the need for unnecessary support cases, escalation, or privileged access, allowing self-service capabilities around Amazon Workspaces such as deployment, decommissioning, image migration, resizing, and recovery.

Centricity provides cross-account and cross-region discovery of Amazon WorkSpaces providing insight from an asset and operational management perspective. Operational capabilities included in the platform consist of threshold and event management as well as robust usage analytics and reporting, allowing issue isolation and resolution. From a compliance and audit perspective, the Centricity platform provides discovery and asset inventory and also user, machine, and application audit logs.

2. Web portal security

A recent Clark School study at the University of Maryland is one of the first to quantify the near-constant rate of hacker attacks of computers with internet access—every 39 seconds on average, affecting one in three Americans every year. Web portal security is important to keeping hackers from accessing sensitive government information. Without a proactive security strategy, organizations and governments risk attacks on websites, networks, and other IT infrastructures.

Government organizations can protect their web portals and web applications by using AWS security services and third-party partner tools managed by AWS Public Sector Partners. AWS tools (e.g. AWS CloudFormation, AWS CodePipeline, and AWS CodeCommitt) can integrate or support development of DevOps CI/CD pipelines to accelerate security implementations and minimize time to deployment.

Deloitte, an AWS Premier Consulting Partner, offers Cyber Reconnaissance and Analytics services. Cyber reconnaissance provides agencies and enterprise clients with a high-resolution picture of its cyber landscape from the adversary’s perspective. This picture contains likely weaknesses, vulnerabilities, openings, activity, and nodes that contain risks and anomalous activity. Instead of examining every component of an agency’s internal enterprise, Deloitte helps increase the volume of data and apply advanced analytics to provide a clearer view of risk, exposure, and malicious opportunity, leading to the discovery of the “risk profile” and also resolution and remediation efforts.

3. DevSecOps

DevSecOps is short for development, security, and operations. Its mission is to make everyone accountable for security, with the objective of implementing security decisions and actions at the same scale and speed as development and operations decisions and actions. Just as organizations are scaling innovation and separating out architecture, the surface area for the product increases. As engineers on each team do things a little differently, your architecture also becomes less homogenous. We recommend establishing best practices through a security working group and making sure that every engineer owns security. As you build security into development, test, and deployment, organizations can find flaws before they get to production.

DevSecOps: Embedded security and resilience checks

Making everyone accountable: best practices for DevSecOps (graphic courtesy Sandy Carter).

Anitian, an AWS Advanced Technology Partner, created Anitian’s SecureCloud, an automated, pre-engineered security platform that accelerates DevOps. SecureCloud eliminates the frustrating and time-consuming effort of architecting, deploying, configuring, and documenting security controls for cloud environments. SecureCloud deploys with the security tools, technologies, and templates you need, pre-configured to strict security standards, such as the PCI-DSS or FedRAMP. SecureCloud also includes 24×7 security monitoring and incident response services to keep you ahead of the threat. SecureCloud can help wrap a complete set of critical security technologies around a cloud application in hours. Using advanced cloud automation technologies, SecureCloud deploys, configures, and hardens a comprehensive stack of security tools and controls, including endpoint security, remote access, multi-factor authentication, encryption, vulnerability management, zero-trust networking, and security information and event management (SIEM).

The Security Solutions for Government Workloads initiative provides six different partner-designed offerings to support remote workforce security and web portal security for customer workloads. AWS Public Sector Partners configure and manage these repeatable packages. This model enables global scalability and availability while supporting localized customizations for unique markets.

If you are a customer interested in security solutions for in the public sector or an APN Public Sector Partner interested in developing solutions, learn more at AWS Partner Security Solutions for Government Workloads.