AWS Government, Education, & Nonprofits Blog

Tag: compliance

Announcing ATO on AWS

We announced the Authority to Operate (ATO) on AWS program, which provides resources to Independent Software Vendors (ISVs) who aspire to achieve a compliance authorization, such as FedRAMP, Defense Federal Acquisition Regulation Supplement (DFARS), Payment Card Industry (PCI), Criminal Justice Information Services (CJIS), and many other compliance programs.

Read More

The Five Ways Organizations Initially Get Compromised and Tools to Protect Yourself

Over the years, many organizations’ on-premises IT infrastructure has been compromised. Often times, organizations are left defending infrastructure, data, and people without understanding who is attacking them and why. But the sliver lining is that attackers often use the same tactics to try to initially compromise their targets. Knowing the ways that attackers try to get a foothold in your environment can help you defend it better.

Read More

AWS Achieves Full Empanelment for the Delivery of Cloud services by India’s Ministry of Electronics and Information Technology

AWS announced that Amazon Internet Services Private Limited (AISPL), an Indian subsidiary of the Amazon Group, which undertakes the resale and marketing of AWS Cloud services in India, has achieved full Cloud Service Provider (CSP) empanelment, and successfully completed the STQC (Standardization Testing and Quality Certification) audit from the Indian Ministry of Electronics and Information Technology (MeitY) for cloud services delivered from the AWS Asia Pacific (Mumbai) Region.

Read More

Rising to the Challenge of the Electronic Records Directives

Guest post by Tara Combs, RM Specialist, Alfresco Software The Managing Government Records Directive (OMB/NARA) sets goals that federal agencies must meet to modernize records management. Complying with the Directive presents opportunities to adopt a 21st century approach based on digitization, automation, open source, and cloud technologies. But the clock is ticking. It’s now time […]

Read More

Meeting DFARS Requirements with AWS

A growing number of military customers are adopting AWS’s utility-based cloud services to process, store, and transmit all types of unclassified Department of Defense (DoD) data. AWS enables DoD and its contractors to leverage the secure AWS environment to meet critical mission needs in supporting the security and welfare of our country. Strengthening our commitment […]

Read More

How to Achieve AWS Cloud Compliance with AWS, Allgress, and CloudCheckr

Assessing and measuring compliance requirements can be a full-time job. To mitigate risks, organizations must plan for cloud-based risk treatments, reporting and alerts, and automated responses to maintain security and compliance, as well as modernize their governance at scale. AWS and its Amazon Partner Network (APN) security partners are developing security and compliance tools to […]

Read More

What’s New for AWS Security & Compliance Services from re:Invent 2016

At this year’s re:Invent conference in Las Vegas, AWS made several security and compliance-related service availability announcements important to our public sector customers, including: AWS Shield, AWS Organizations, EC2 Systems Manager, enhancements to AWS Cloud Trail, and AWS Artifact. AWS Shield AWS Shield is a new managed service that protects your web applications against DDoS (Distributed […]

Read More

How to Achieve and Maintain ITAR Compliance in the Cloud

AWS GovCloud (US) is AWS’s isolated cloud region, which addresses International Traffic in Arms Regulations (ITAR) compliance requirements, and is accessible only to vetted root account holders who are U.S. Persons. Organizations and individuals with ITAR-controlled information are generally required to take necessary steps to make sure only U.S. Persons can view covered data. As […]

Read More