Security in the public sector: The why and how

Cloud security at Amazon Web Services (AWS) is the highest priority. AWS customers benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations.

We listen closely to our customers to offer both a secure cloud computing environment and innovative security services that satisfy the security and compliance needs of the most risk-sensitive organizations. The scale and global reach of our customers gives us visibility and perspective on cloud security, knowledge that we rapidly reinvest back into our infrastructure and services.

With AWS, you can build on the most secure global infrastructure, knowing you always own your data, including the ability to encrypt it, move it, and manage retention. The AWS Cloud allows customers, like FINRA and NASA JPL, to scale and innovate, while maintaining a secure environment. We also have a large community of security partners that meet many regulatory or compliance requirements, supporting more security standards and compliance certifications than any other offering, including PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171.

At the 2019 AWS Public Sector Summit in Washington, DC, AWS experts as well as customers and partners spoke about cloud security for government, education, and nonprofit institutions. Check out the videos below:

• Best Practices for Public Sector AWS Security Posture: With recent data exposures, IT security has become increasingly concerned with protecting infrastructure-as-a-service (IaaS) data. And with IaaS market growth reaching 42.8% last year — twice that of software as a service, according to Gartner — it’s no surprise that public and private sector organizations are turning to the cloud. Hear Slawomir Ligier, VP of Engineering at McAfee MVISION Cloud (formerly Skyhigh Networks), and AWS Public Sector Solutions Architect Tres Vance explore best practices for securing your AWS environment.
• So You’ve Got ATO — Are You Sure You are Secure?: Most organizations are great at securing their network, operating system, databases, and applications. However, even for those organizations that have been in the cloud for a few years, many are still learning how to set up the proper mechanisms to identify, protect, detect, respond, and recover at the AWS layer. Explore services like AWS Identity and AWS Access and Identity Management (IAM), AWS Key Management Service (KMS), Amazon Simple Storage Service (S3), Amazon Virtual Private Cloud (VPC), Amazon CloudWatch Logs, and Amazon GuardDuty.
• Building Next-Generation Cybersecurity with Today’s Machine Learning Solutions: Go beyond cyber basics and learn how to enable threat detection to proactively monitor and get ahead of unusual user behaviors, account anomalies, and even data breaches. Leverage artificial intelligence and machine learning to quickly and accurately assess your organization’s vulnerabilities without human intervention, and build a better cyber strategy that’s ready for anything.
• Cybersecurity: A Drive Force Behind Cloud Adoption: There are four common challenges that CISOs and their security teams struggle with even in the most secure and mature organizational datacenters – visibility, resilience, defense-in-depth, and automation. Learn how these challenges become benefits of using the AWS Cloud and why cybersecurity is becoming a driving force behind cloud adoption.
• Maryland Builds Human Services Platform Starting with Data Integration: Many U.S. states are hampered by traditional technology silos and data barriers between agencies. Starting in 2017, the Maryland Department of Human Services initiated a cloud-based data repository and application platform for delivering social services to its residents – known as MD THINK. Using services including Amazon Elastic Compute Cloud (EC2), Amazon Elastic Container Service (ECS), and Amazon Relational Database Services (RDS), agencies requiring application modernization to support mission-critical operations can migrate quickly and share data more seamlessly. In this video, Maryland’s Chief Information Security Officer, John Evans, discusses how they designed for security, scalability, and data integration and built a platform that already serves one-third of Maryland residents (with bigger plans ahead).
• The Evolution of Large Scale Enterprise Public Cloud Adoption: Moving ‘onesie twosie’ workloads to the cloud can be tricky enough, so how do you drive cloud adoption for a massive organization charged with providing excellent service to their clients? How do you address the technical, security, and most of all the people aspects of such a large scale transformation? Customer share the hard won lessons from the enterprise adoption of public cloud. Getting executive buy in and commitment, establishing a cloud organization, setting primary migration goals, and building a secure foundation are all vital elements of driving successful adoption at scale.

Check out more videos from the AWS Public Sector Summit 2019 and look to attend some of our upcoming AWS Summits in a city near you.

You might also be interested in some of our whitepapers:

• AWS Well-Architected Framework: Security Pillar
• AWS Security Incident Response Guide
• Security Overview of AWS Lambda

Learn more on the AWS Security webpage, check out the AWS Security Resources, or read the AWS Security blog or more public sector stories on security. And watch the Cloud Security 101 video on the Initiate eLearning hub.

Subscribe to the AWS Public Sector Blog newsletter to get the latest in AWS tools, solutions, and innovations from the public sector delivered to your inbox, or contact us.