AWS Public Sector Blog

Tag: compliance

Navigating ISM and Essential Eight compliance with AWS Config for Australian government agencies

To help our Australian customers, AWS provides pre-built conformance packs for the Australian Cyber Security Centre (ACSC) Essential Eight Maturity Model and the ACSC Information Security Manual (ISM). The ACSC’s Essential Eight was first published in 2017 and is a set of prioritised security mitigation strategies designed to help protect organisations against various security threats. In this blog post, I walk you through how to set up a conformance pack in AWS Config that is designed to help you implement and track the ASCS Essential Eight model.

Read More

How NRCan used an AWS open source solution to complete a PBMM evidence package in 60 days

Since signing a framework agreement with the Government of Canada (GC) in 2019, AWS has developed an open source solution to automate the deployment of security controls for GC customers, which can reduce the time it takes to achieve an Authority to Operate (ATO). Natural Resources Canada (NRCan) used this solution to implement their cloud landing zone controls aligned with the Protected B, Medium Integrity, Medium Availability (PBMM) profile. They worked with AWS Partner Kainos to complete an ATO evidence package in only 60 days—a process that typically takes 18 months.

Read More

DoD Cloud Infrastructure as Code for AWS is now available

AWS is committed to supporting the mission of our Department of Defense (DoD) customers by providing innovative, efficient, and effective solutions. In support of this commitment, we are announcing the availability of DoD Cloud Infrastructure as Code (IaC) for AWS – a baseline that uses a collection of templates to enable defense mission owners to quickly build out secure, scalable cloud environments. DoD Cloud IaC for AWS is designed to help DoD organizations accelerate cloud adoption and support the rapid delivery of capabilities to the warfighter.

Read More

AWS Secure Environment Accelerator (ASEA) connectivity with VMware Cloud on AWS

The AWS Secure Environment Accelerator (ASEA) landing zone helps customers deploy and operate a secure multi-account, multi-Region AWS environment. Governments in Canada and others around the world currently use the ASEA, with over 30 deployments to date. Some of these same customers also use VMware Cloud on AWS to integrate on-premises vSphere environments, allowing them to move existing workloads to the cloud more quickly. Integrating your VMware workload with natively managed AWS services can help you reduce your operational overhead and optimize your total cost of ownership (TCO). In this blog post, we review the technical considerations related to integrating your ASEA landing zone with your VMware Cloud on the AWS environment.

Read More

Delivering better Medicaid services (and happier teams) with the AWS Cloud

In this blog post, the Georgia Department of Community Health (DCH) chief information officer, Venu Gurram, describes his experience transforming their Medicaid Management Information System (MMIS) from legacy on-premises infrastructure to a collection of services in the cloud. Learn how the DCH joined forces with another state entity, the Georgia Tech Research Institute (GTRI), to use the Amazon Web Services (AWS) Cloud to deliver the next generation of Medicaid technology: a Medicaid Enterprise System (MES).

Read More

Canadian Centre for Cyber Security adds additional AWS services to its assessment of the AWS Canada (Central) Region

The Canadian Centre for Cyber Security (CCCS) added more AWS services to its assessment of the AWS Canada (Central) Region, bringing the total number of assessed AWS services to 120. This provides Canadian public sector customers additional confidence that AWS Cloud services meet the Government of Canada’s security control requirements. Using these services in conjunction with the deployment of the open source AWS Secure Environment Accelerator (ASEA) solution reduces cloud service configuration time from months to days.

Read More

AWS Global Security and Compliance Acceleration initiative now supporting UK customers

Since its launch in June of 2019, the Authority to Operate on AWS (ATO on AWS) program has supported more than 300 US-based customers to meet their regulatory, security, and compliance requirements on AWS. To extend that support globally, Amazon Web Services (AWS) launched the Global Security and Compliance Acceleration (GSCA) initiative. The GSCA is now available to support customers in the United Kingdom (UK) and the European Union (EU).

Read More
aerial view of hands on laptop with illustrations of compliance

Supporting customers in the context of DiGAV compliance

A growing number of healthcare providers, payers, and IT professionals are using AWS’s secure, flexible, and scalable utility-based cloud services to process and store data including personal data. AWS provides a number of industry-leading tools to support customers address local regulatory and legislative requirements, including the German Digital Supply Act (DVG) and associated Digital Health Applications Ordinance (DiGAV), as they move healthcare workloads to the cloud.

Read More

10 years of government cloud innovation with AWS GovCloud (US)

Ten years ago, the federal government was only just beginning to adopt cloud computing services. In the early days, there were concerns about how much cloud services would cost and whether they’d be secure enough for sensitive government data. In listening to our government customers, we heard their concerns about cost and security. They also needed to innovate ahead of demand, and required a highly secure and compliant infrastructure to do it. That’s why we launched AWS GovCloud (US) in 2011.

Read More

Wickr, an AWS company, offers a secure and compliant solution to protect organizational communications

To offer security conscious enterprises and government agencies the ability to implement important governance and security controls, AWS acquired Wickr in June of 2021. Wickr helps organizations protect their collaboration with a secure and compliant solution. Built with a security-first mindset, Wickr delivers advanced security features not available with traditional communications services.

Read More