Tag: Preparing for a compliance audit
AWS announced the launch of the Cloud Audit Academy (CAA) for Federal and DoD Workloads (FDW) in AWS. This is a two-day accelerated training course to educate customers on how to leverage AWS services to assist with US Federal and Department of Defense (DoD) security and compliance requirements. This training course also qualifies for 12 hours of continuing professional education (CPE). Register at no cost today.
Since signing a framework agreement with the Government of Canada (GC) in 2019, AWS has developed an open source solution to automate the deployment of security controls for GC customers, which can reduce the time it takes to achieve an Authority to Operate (ATO). Natural Resources Canada (NRCan) used this solution to implement their cloud landing zone controls aligned with the Protected B, Medium Integrity, Medium Availability (PBMM) profile. They worked with AWS Partner Kainos to complete an ATO evidence package in only 60 days—a process that typically takes 18 months.
How UK public sector customers can implement NCSC security principles to protect data transfers to AWS
To drive innovation and optimise operations in the Amazon Web Services (AWS) Cloud, UK public sector organizations need to transfer data quickly and safely, in accordance with the National Cyber Security Centre (NCSC)’s guidance on how to configure, deploy, and use cloud services securely. The NCSC provides security guidance for protecting government systems, planning for cyber incidents, and more. In this post, we cover how you can configure AWS services—like AWS DataSync, AWS Storage Gateway, and AWS Transfer Family—to align your data transfer solution with the NCSC’s cloud security principles, as understanding these configurations is important to protect data and meet requirements for local force accreditation.
Created in conjunction with a five-part Twitch mini-series (March 28 – April 25), these weekly blog posts provide resources and guidance to support the live, 60-minute broadcasts. To sign up and learn more about the series, click here. As we wrap up our five-part blog series on building secure applications, we conclude with one of the […]