Deploy, operate, optimize, and secure your program's Amazon WorkSpaces at scale
CloudHesive works with customers to design, deploy, operate, and optimize end-user computing (EUC) environments based on Amazon WorkSpaces that apply National Institute of Standards and Technology (NIST) controls (800-171, 800-53) to the operations and management of the environment.
While Amazon WorkSpaces provides a robust virtual desktop experience, Centricity Secure Workplace for Government builds on the existing security profile of Amazon WorkSpaces to help customers meet additional controls and compliance standards through operational practices and technical architecture.
Centricity Secure Workplace for Government provides controls such as multi-factor authentication (MFA), enterprise directory integration, host-based file integrity monitoring, host-based firewall, host-based intrusion detection services, and data loss prevention to help secure customers' EUC environments.
Provisioned in AWS GovCloud and operated by United States citizens within the United States, each component of the solution implements Federal Information Processing Standard (FIPS) 140-2 encryption and, for components where the control domain extends outside of AWS GovCloud, is listed on the FedRAMP Marketplace. CloudHesive also offers service components to assist companies achieve Cybersecurity Maturity Model Certification (CMMC) Level 3 for support of Department of Defense (DoD) entities.
In addition to addressing security controls related to EUC, the Centricity platform provides management and oversight of the virtual desktop environment, allowing nontechnical business users to manage their Amazon WorkSpaces regardless of Amazon Web Services (AWS) account hierarchy or deployed-to region.
This is achieved by placing functionality such as starting, stopping, rebuilding, and managing virtual desktops at the fingertips of a business user and by providing metrics to help determine what the end user experience is such as latency and usability.
Availability
Argentina, Chile, Columbia, Paraguay, Peru, United States, Uruguay
Benefits
-
How it works
-
Key activities
-
Customer contribution
-
About this consultant
-
Architecture diagram
-
How it works
-
CloudHesive's consulting offer Centricity Secure Workplace for Government includes a a mix of proprietary and third-party software powered by multiple AWS services. The consulting offer is a hybrid of a SaaS platform, a consulting engagement, and a managed-services engagement, bringing a virtual desktop solution that helps customers meet their security control sets and operational needs.
Understanding that the requirements of Amazon WorkSpaces for each department or agency will vary, CloudHesive's consulting offer is capable of functioning as a standalone (with no interdependencies) or as a solution integrated into your existing enterprise footprint. Centricity Secure Workplace for Government supports net-new deployments of an EUC solution, migration from an existing EUC solution, or even optimization of your current Amazon WorkSpaces setup.
CloudHesive's process begins by understanding these requirements, weighing the trade-offs between them, and obtaining cross-functional consensus to the selected approach before initiating implementation.
For an implementation with a standalone approach, CloudHesive would start with a typical Amazon WorkSpaces deployment (Amazon Virtual Private Cloud [VPC], AD Connector or AWS Directory Service for Microsoft Active Directory, and Amazon WorkSpaces). In the course of the the Centricity Secure Workplace for Government consulting engagement, CloudHesive would add security controls aligned to customer's organizational compliance controls. These could include MFA, endpoint security, content filtering, data loss prevention, and operational monitoring and management.
Alongside the design and deployment, leveraging either a standard NIST control mapping or control sets of your choosing, CloudHesive would design an operational model to ensure that appropriate policies, training, and controls are identified and implemented.
These components are tightly integrated into the Centricity Secure Workplace for Government offer to provide a viewpoint into operational and security-driven metrics as well as Amazon WorkSpaces fleet management capabilities. Ultimately, this platform becomes the first line of support to CloudHesive's customers and their end users.
Alongside the Centricity platform, CloudHesive provides robust managed services aligned to the needs of EUC consumers to function as tier 2 support and to coordinate a variety of activities with CloudHesive's customers' business units, from application support teams to infrastructure teams and security and compliance teams. These activities may be proactive in nature (such as application upgrades), time-based (such as supporting quarterly compliance initiatives), or event-based (for example, application performance troubleshooting).
-
Key activities
-
1) Requirements gatheringReview customer requirements and determine deployment approach for standalone or integrated services
2) Control identification and mappingReview controls; map to process, policy, training, and technology or leverage pre-templated mappings3) PrerequisitesImplement supporting services and integrations (if needed) to existing enterprise environment4) Software deploymentProvision baseline workspaces; customer performs software installation; create bundles and images5) Acceptance testingBundles and images used to launch validation environment; customer software tested by customer6) TrainingProvide administration training on user management and Centricity platform to users7) DeploymentDeployment begins; Amazon WorkSpaces launched; users migrated; application support period begins8) Steady stateOngoing tiered support provided throughout managed-services term, providing day-to-day move/add/change support -
Customer contribution
-
Subject-matter expertsCustomer provides access to subject-matter expertsIntegrationBased on integration approach, customer may opt to integrate with their existing enterprise servicesSoftware installationBased on software deployment approach, customer may opt to install their software on predefined imagesAcceptance testingCustomer provides subject-matter experts to facilitate testing of the customer specific environmentTrain the trainerCustomer administrators and end-user support teams are trained on administration and end-user supportMigration supportCustomer provides one or more resources to manage end-user communication and activities during migrationPostmigration supportCustomer provides one or more resources to manage end-user communication and activities post migrationProject managerCustomer provides a project manager to facilitate customer contribution activities and communication
-
About this consultant
-
CloudHesive is an AWS Managed Service Provider Partner and has achieved a number of AWS Competencies and recognitions, including the AWS Digital Workplace Competency and the Authority to Operate on AWS designation. CloudHesive was founded in 2014 by veterans of the cloud technology space and helps customers adapt and transform their organizations by leveraging the power of the public cloud ecosystem through consulting and next generation managed services with a focus on operational excellence, security, reliability, performance efficiency, and cost optimization. CloudHesive serves customers in North America, South America, and beyond, with headquarters in Fort Lauderdale, FL, and offices in Norfolk, Virginia; Santiago, Chile; and Buenos Aires, Argentina.
CloudHesive's superpowers align to customers' enterprise needs, ranging from business tools such as Amazon WorkSpaces with CloudHesive's Centricity Secure Workplace for Government solution to application platforms supported by CloudHesive's Next-Generation Managed Services practice, to supporting CloudHesive's customers' Centers of Excellence via governance, cost management, and information security services and support.
-
Architecture diagram
Ready to get started?
Related Resources
CloudHesive's alignment to AWS Competencies, Partner Programs, and Service Validations supporting EUC
Browse our portfolio of Consulting Offers to get AWS verified help with solution deployment.
Browse our library of AWS self-deploy solutions to common architectural problems.
Engage with AWS Partners for secure, innovative, and cost-effective custom solutions that leverage the power and scalability of AWS services to meet your needs.