AWS Public Sector Blog
Category: Management & Governance
Announcing the Landing Zone Accelerator for Education to support customers in education and research
AWS announced the availability of Landing Zone Accelerator (LZA) for Education, an industry-specific deployment of the LZA on AWS, designed to further support education customers in designing cloud environments for their compliance needs. The LZA on AWS solution is architected to align with AWS best practices and multiple, global compliance frameworks. The new LZA for Education builds on the LZA to help customers secure their research workloads or workloads containing student data by giving them a set of default configurations that they can use as a starting point and iterate on to define security and compliance posture as code.
Creating a strategic approach to government continuity
Moving digital assets to the cloud is one of the first steps governments can take to secure their public services against large-scale disruptions. But according to our customers, this journey often brings challenges and roadblocks that are organizational rather than technical. Learn key takeaways from our engagements with public sector customers that can help you better prepare for this transformation.
The true costs of resiliency decisions
Many organizations may not fully recognize or calculate the true costs of workload resiliency decisions. These true costs include the full spectrum of costing considerations that make up a decision, from readily-determinable accounting costs to less-recognizable intangible costs. As public sector organizations often have limited resources and complex missions, it’s important to understand the true costs and economic impact involved in a resiliency decision; this can help these organizations to both prepare and plan with their available resources.
Best practices for creating highly available workloads
Many public sector organizations that are moving to the cloud often misunderstand that the architecture of AWS Regions and Availability Zones fundamentally changes how they should think about disaster recovery and resiliency. In this blog post, I share some best practices to answer common questions about building highly available workloads, and share some ways to consider high availability, disaster recovery, and application resiliency within AWS.
Managing nonprofit members and donors with CiviCRM on AWS
Managing donors, members, and constituents is essential to the success of most nonprofits. Customer relationship management (CRM) systems, like the no-cost, nonprofit-focused CiviCRM, are an important part of this process. In this post, learn how to deploy CiviCRM using AWS, and explore an architecture for deploying CiviCRM in a way that is highly available and resilient to service disruptions or events.
Open for registration: Cloud Audit Academy for Federal and DoD Workloads in AWS
AWS announced the launch of the Cloud Audit Academy (CAA) for Federal and DoD Workloads (FDW) in AWS. This is a two-day accelerated training course to educate customers on how to leverage AWS services to assist with US Federal and Department of Defense (DoD) security and compliance requirements. This training course also qualifies for 12 hours of continuing professional education (CPE). Register at no cost today.
Protect critical services with new Continuity of Government IT on AWS solution guide
Today, AWS announced Continuity of Government IT on AWS (CGIT), a comprehensive cloud-based solution guide that enables governments to protect their digital assets and services during disruptions of any kind. Governments can use CGIT to retain the integrity of critical datasets, back up applications, and transfer services to run in the cloud, reducing the risk of compromise and enabling continuity of government.
Addressing federal record retention in mobile device messaging
Virtually all federal, state, and local government agencies are subject to various data retention and records management policies, regulations, and laws. AWS Wickr provides federal agencies with an innovative solution that can help them build public trust by protecting sensitive communications, while supporting the capture and management of records.
What US federal customers need to know about memorandum M-21-31
The US Office of Management and Budget published M-21-31, a memorandum for federal government agencies to define event logging requirements related to cybersecurity incidents. These guidelines aim to support the detection, investigation, and remediation of cyber incidents on federal information systems. The memorandum defines various event logging (EL) tiers and the log data that must be captured for various log categories. Learn the services from AWS that have been called out explicitly in the memorandum for logging and retention requirements at the EL1 level, and the resources you can use to set up these services to capture the required log data.
Navigating ISM and Essential Eight compliance with AWS Config for Australian government agencies
To help our Australian customers, AWS provides pre-built conformance packs for the Australian Cyber Security Centre (ACSC) Essential Eight Maturity Model and the ACSC Information Security Manual (ISM). The ACSC’s Essential Eight was first published in 2017 and is a set of prioritised security mitigation strategies designed to help protect organisations against various security threats. In this blog post, I walk you through how to set up a conformance pack in AWS Config that is designed to help you implement and track the ASCS Essential Eight model.