Tag: Landing Zone Accelerator

Amazon Web Services (AWS) has collaborated with the UK National Cyber Security Centre (NCSC) to tailor advice on how UK public sector customers can use the Landing Zone Accelerator on AWS (LZA) to meet the NCSC’s guidance on “using cloud services securely.” Read this blog post to learn how the LZA on AWS can support each recommended action in the NCSC’s guidance.

This blog post provides technical guidance for UK organisations to implement their landing zone in-line with guidance from the UK National Cyber Security Centre (NCSC) using the LZA. 

The Landing Zone Accelerator on AWS (LZA) solution deploys a cloud foundation that is architected to align with AWS best practices and multiple global compliance frameworks. Customers with highly-regulated workloads and complex compliance requirements can use the LZA to better manage and govern their multi-account environment. Some of these same customers are also using VMware Cloud on AWS to integrate on-premises vSphere environments, allowing them to move existing workloads to the cloud more quickly. In this blog post, explore the technical considerations related to integrating your LZA landing zone with your VMware Cloud on the AWS environment.

Some US federal agencies and those who collaborate with them must support an automated, secure, and scalable multi-account cloud environment that meets Federal Risk and Authorization Management Program (FedRAMP) and Cybersecurity Maturity Model Certification (CMMC) standards. To support these needs, AWS customers and partners can deploy the Landing Zone Accelerator (LZA) on AWS. Recently, AWS worked with Coalfire, a FedRAMP-approved third-party assessment organization (3PAO) and AWS Partner, to assess and verify the LZA solution.

AWS announced the availability of Landing Zone Accelerator (LZA) for Education, an industry-specific deployment of the LZA on AWS, designed to further support education customers in designing cloud environments for their compliance needs. The LZA on AWS solution is architected to align with AWS best practices and multiple, global compliance frameworks. The new LZA for Education builds on the LZA to help customers secure their research workloads or workloads containing student data by giving them a set of default configurations that they can use as a starting point and iterate on to define security and compliance posture as code.

Many organizations within state and local government (SLG) and education must build digital environments and services that meet a variety of dynamic security and compliance considerations, such as StateRAMP and Federal Information Security Management Act (FISMA). Learn key top-level best practices from AWS for how to use AWS Security Services to meet the unique needs of education and SLG organizations.

The US Office of Management and Budget published M-21-31, a memorandum for federal government agencies to define event logging requirements related to cybersecurity incidents. These guidelines aim to support the detection, investigation, and remediation of cyber incidents on federal information systems. The memorandum defines various event logging (EL) tiers and the log data that must be captured for various log categories. Learn the services from AWS that have been called out explicitly in the memorandum for logging and retention requirements at the EL1 level, and the resources you can use to set up these services to capture the required log data.