AWS Public Sector Blog

Tag: zero trust

Unlock the power of fine-grained access control with Amazon Verified Permissions

Public sector organizations face stringent compliance requirements, and any unauthorized access to protected health information (PHI) or personally identifiable information (PII) can result in legal penalties and reputational damage. This post aims to demonstrate how public sector customers can develop a fine-grained authorization module using Amazon Web Services (AWS) identity services, extending beyond the capabilities of traditional role-based access control (RBAC), so they can achieve compliance objectives.

Building zero trust for the Department of Defense: Insights from Les Call, Director of the DoD CIO ZT PfMO

In today’s digital landscape, federal agencies face unprecedented challenges in securing their complex information technology (IT) infrastructure. Traditional security models require more capability, which is why departments like the Department of Defense (DoD) and the Cybersecurity and Infrastructure Security Agency (CISA) are mandating zero trust architectures across their agencies. Renzo Rodriguez, managing director of US Federal Solutions Architecture at Amazon Web Services (AWS), sat down with Les Call, director of the Department of Defense CIO Zero Trust Portfolio Management Office, in a recent episode of “Mission Innovation, powered by AWS,” to explore the challenges and strategies of implementing zero trust within the DoD. Read this post for a recap of their conversation.

Empowering zero trust in public sector with Cisco Umbrella for Government on AWS

Zero trust in the US public sector has become critical, especially as cyber threats targeting government agencies grow more complex and sophisticated. In line with the federal mandate for zero trust architecture (ZTA) outlined in Executive Order M-22-09, government agencies are required to adopt a comprehensive security framework that continuously verifies trust for every access request. In this post, we demonstrate how Cisco Umbrella for Government, built on Amazon Web Services (AWS), plays a key role in ZTA by providing multi-layered security and granular visibility across on-premises environments and AWS.

AWS Verified Access in a TIC 3.0 architecture

Federal agencies can use Amazon Web Services (AWS) to meet Trusted Internet Connections (TIC) 3.0 requirements. To facilitate this, AWS has published detailed architectural overlays that demonstrate how to effectively implement TIC 3.0 guidelines within AWS deployments. AWS Verified Access (AVA) is a cloud-based service that enables secure access to applications without requiring the use of a virtual private network (VPN). It evaluates each application request and gives users access to each application only when they meet the specified security requirements. AVA supports TIC 3.0 requirements in the areas of configuration management, centralized log management, strong authentication features, resilience, and policy enforcement. Read this post to learn more.

Announcing the Data Fabric Security on AWS solution

Amazon Web Services (AWS) developed the Data Fabric Security (DFS) on AWS solution to support the identity and access needs of a multi-organization system. With DFS on AWS, federal customers can accelerate joint interoperability, modernization, and data-driven decision making in the cloud by removing barriers that prevent systems and users from communicating while still strengthening security via Zero Trust principles.

How to create a cybersecurity analytics platform with AWS analytics and machine learning

Cybersecurity analytics is a systematic methodology designed to collect, ingest, process, aggregate, and analyze security events. This methodology empowers organizations to proactively perform security investigations, powered by advanced analytics and machine learning (ML), which help mitigate cyber issues more effectively and efficiently at scale. Learn about the core components of a cybersecurity analytics framework and how organizations can use AWS to design a cybersecurity analytics platform with analytics and ML services.