AWS Public Sector Blog
Tag: AWS Shared Responsibility Model
How to migrate to the new AWS Ground Station Agent launching March 28
On March 28, Amazon Web Services (AWS) will release a new version of the AWS Ground Station Agent (agent), which is not compatible with past agent releases. In order to maintain operational continuity of Ground Station environments, agent users must follow the instructions provided in this blog post before upgrading to the March 28 version of the agent.
Supporting security assessors in the Canadian public sector with AWS and Deloitte
In this blog post, learn how Amazon Web Services (AWS) helps Government of Canada (GC) customers move workloads into production in the AWS Canadian Regions. This requires putting their workloads through the Security Assessment & Authorization (SA&A) process and can pose headwinds for GC customers developing applications to support digital modernization efforts.
Build population health systems to enhance healthcare customer experiences on AWS
As the amount of health data increases, different healthcare, life sciences, population health, and public health organizations are working to modernize their data infrastructure, unify their data, and innovate faster with technologies like artificial intelligence and machine learning (AI/ML). In this blog post, we dive deep on architecture guidance that enables healthcare providers to improve patient care.
Support FedRAMP and CMMC compliance with the Landing Zone Accelerator on AWS
Some US federal agencies and those who collaborate with them must support an automated, secure, and scalable multi-account cloud environment that meets Federal Risk and Authorization Management Program (FedRAMP) and Cybersecurity Maturity Model Certification (CMMC) standards. To support these needs, AWS customers and partners can deploy the Landing Zone Accelerator (LZA) on AWS. Recently, AWS worked with Coalfire, a FedRAMP-approved third-party assessment organization (3PAO) and AWS Partner, to assess and verify the LZA solution.
The true costs of resiliency decisions
Many organizations may not fully recognize or calculate the true costs of workload resiliency decisions. These true costs include the full spectrum of costing considerations that make up a decision, from readily-determinable accounting costs to less-recognizable intangible costs. As public sector organizations often have limited resources and complex missions, it’s important to understand the true costs and economic impact involved in a resiliency decision; this can help these organizations to both prepare and plan with their available resources.
Cloud security design considerations for state and local government
State and local government (SLG) organizations need to reflect and refocus on cyber hygiene and continuous improvement of their security posture. Here are some best practices for SLG chief information security officers (CISOs) and IT professionals to consider in their cloud journey.
Canadian Centre for Cyber Security adds additional AWS services to its assessment of the AWS Canada (Central) Region
The Canadian Centre for Cyber Security (CCCS) added more AWS services to its assessment of the AWS Canada (Central) Region, bringing the total number of assessed AWS services to 120. This provides Canadian public sector customers additional confidence that AWS Cloud services meet the Government of Canada’s security control requirements. Using these services in conjunction with the deployment of the open source AWS Secure Environment Accelerator (ASEA) solution reduces cloud service configuration time from months to days.
Supporting customers in the context of DiGAV compliance
A growing number of healthcare providers, payers, and IT professionals are using AWS’s secure, flexible, and scalable utility-based cloud services to process and store data including personal data. AWS provides a number of industry-leading tools to support customers address local regulatory and legislative requirements, including the German Digital Supply Act (DVG) and associated Digital Health Applications Ordinance (DiGAV), as they move healthcare workloads to the cloud.
Accelerate CMMC compliance with the AWS CMMC Customer Responsibility Matrix
AWS is launching the AWS Cybersecurity Maturity Model Certification (CMMC) Customer Responsibility Matrix (CRM). The AWS CMMC CRM reduces the level of effort required for CMMC compliance by providing customers a breakdown of the CMMC practices that they can inherit from AWS, and identifies CMMC practice roles and responsibilities when using the AWS Compliant Framework for Federal and DoD Workloads in AWS GovCloud (US).
5 things public sector managers should know about cloud security accreditation programs
Accreditation programs and the organizational models that support them are priority considerations for public sector managers who are modernizing their IT. But managers often consider risk and compliance issues too late in the planning stage. Here are some key principles that can prevent accreditation-related issues from becoming a roadblock to cloud adoption.