AWS Public Sector Blog

Tag: compliance

laptop closing

Building your Cybersecurity Maturity Model Certification (CMMC) strategy using cloud technologies

The U.S. Department of Defense (DoD) released an interim rule, the Defense Federal Acquisition Regulation Supplement: Assessing Contractor Implementation of Cybersecurity Requirements (DFARS Case 2019–D041), which includes NIST SP 800-171 and Cybersecurity Maturity Model Certification (CMMC) assessment methodology and requirements. Organizations have been planning for CMMC, and with the release of this interim rule, are now beginning to prepare and build strategy for CMMC compliance. Learn how you can build your CMMC strategy using cloud technologies.

Read More
AWS Compliance Week 2020

Accelerate cloud compliance for sensitive and regulated workloads: Register for AWS Compliance Week

If you are a technology professional looking to understand how cloud security adheres to compliance requirements, attend our AWS Compliance Week webinar series on November 2-6. You will learn how to architect compliant, multi-region cloud environments, establish agile governance for regulated workloads, and use new AWS solutions to help accelerate compliance. Hear government and industry perspectives on achieving high compliance from the General Services Administration’s FedRAMP program management office, and customers Maxar, Salesforce, and Coalfire.

Read More
IDC whitepaper: How government agencies meet security and compliance requirements with the cloud

New IDC whitepaper released: How government agencies meet security and compliance requirements with the cloud

A new IDC whitepaper, sponsored by AWS, “How Government Agencies Meet Security and Compliance Requirements in the Cloud” examines why federal agencies are moving more systems and information to the cloud as a launching point for agency-wide IT modernization. The paper shares executive, legislative, and other government-wide initiatives influencing agencies to accelerate their cloud adoption plans, risks IT leaders face by delaying cloud migrations, and how secure, compliant cloud environments help agencies achieve compliance and security for their sensitive workloads.

Read More
Stockholm at night

Announcing AWS ClearStart for Swedish public sector to accelerate security and regulatory compliance

To help our public sector customers in Sweden accelerate their journey to the cloud, we are launching the AWS ClearStart program. AWS ClearStart helps organizations meet security and regulatory needs through a set of guides, trainings, technology tools, and cloud computing experts to simplify the process of complying with Swedish and EU regulations, including the Public Access to Information and Secrecy Act (OSL) and General Data Protection Regulation (GDPR), as well as with international information security standards, such as ISO/IEC27001.

Read More
woman touching lock on screen

Canadian government meets citizen needs quickly with secure, compliant solutions built on AWS

Governments at all levels rapidly addressed the rising challenges of the COVID-19 pandemic. Canadian governments  met citizens’ needs quickly by building secure, compliant solutions on AWS to deliver critical information and services. Working with partners and AWS, Canadian governments and agencies released multiple solutions for providing a modern, digital-first experience for all to interact with the government and receive the information and services they need.

Read More
Amazon S3 Glacier

Securing Amazon S3 Glacier with a customer-managed encryption key

Customer managed encryption keys are a common architecture requirement within highly regulated workloads. This post demonstrates how to satisfy this requirement within Amazon Simple Storage Service (Amazon S3), including Amazon S3 Glacier. We also clarify some common points of confusion and demonstrate how objects can be uploaded directly to Amazon S3 Glacier via Amazon S3, which can help meet regulatory requirements as well as potentially save budget.

Read More
CMMC compliance

How to plan for Cybersecurity Maturity Model Certification (CMMC)

Later this year, the Cybersecurity Maturity Model Certification (CMMC) accreditation framework will take effect, impacting U.S. DoD contractors, supply chain, solution providers, and systems integrators. The DoD estimates that more than 300,000 organizations will require certification. In addition, other U.S. federal agencies and international organizations may adopt a similar framework to protect their intellectual property (IP). No matter the size of your organization, cloud-based services can help you meet the requirements of CMMC.

Read More
FedRAMP workbook automation

Automating creation of a FedRAMP Integrated Inventory Workbook

Did you know AWS can help deliver an automated solution for creating the FedRAMP Integrated Inventory Workbook? This workbook needs to be updated and submitted to the FedRAMP Project Management Office (PMO) monthly for continuous monitoring. Automating this workbook saves manual work hours. Any customer going through the FedRAMP authorization process can leverage this workbook. Understand how to gather an inventory of AWS resources from AWS Config data to create the FedRAMP Integrated Inventory Workbook.

Read More
University in California exterior photo

AWS and CITE showcase commitment to student data privacy through the California AB 1584 Compliance Addendum

This month, Amazon Web Services (AWS) and California IT in Education (CITE, formerly CETPA) announced the new California AB 1584 Compliance Addendum, a contract addendum available to AWS customers in California that are required to affirm compliance with California Assembly Bill 1584 (AB 1584) in California Education Code Section 49073.1.

Read More
AWS Compliance Week details

Join AWS Compliance Week to learn how to navigate security and compliance in the public sector

AWS GovCloud (US) isn’t just for government agencies – U.S. commercial companies in aerospace, defense manufacturing, law enforcement, healthcare, financial services, and energy with regulated workloads, sensitive data, and export-controlled data rely on AWS GovCloud (US) to modernize IT. Learn more during next week’s AWS Compliance Week. Themed “Achieving Cloud Compliance and Security in the AWS Cloud,” AWS solutions architects will discuss in five webinars how customers can meet cloud security and compliance challenges using AWS GovCloud (US).

Read More