AWS Public Sector Blog
Tag: security
Create a secure and fast DevSecOps pipeline with CircleCI
In this blog post, we explain how government agencies can accelerate their development workflows while maintaining strict application and operational security using the principles of continuous integration and continuous delivery (CI/CD) and DevSecOps. We provide a solution to walk you through how you can quickly set up your own DevSecOps pipeline that incorporates AWS and third-party security tools to give you a fast, flexible, and secure software delivery process.
How UK public sector customers can implement NCSC security principles to protect data transfers to AWS
To drive innovation and optimise operations in the Amazon Web Services (AWS) Cloud, UK public sector organizations need to transfer data quickly and safely, in accordance with the National Cyber Security Centre (NCSC)’s guidance on how to configure, deploy, and use cloud services securely. The NCSC provides security guidance for protecting government systems, planning for cyber incidents, and more. In this post, we cover how you can configure AWS services—like AWS DataSync, AWS Storage Gateway, and AWS Transfer Family—to align your data transfer solution with the NCSC’s cloud security principles, as understanding these configurations is important to protect data and meet requirements for local force accreditation.
Australian Bureau of Statistics runs 2021 Census on the AWS Cloud
Earlier this year, the Australian Bureau of Statistics (ABS) ran the Australian Census, the agency’s most significant workload, on Amazon Web Services (AWS). The Census is the most comprehensive snapshot of the country, and includes around 10 million households and over 25 million people. With the COVID-19 pandemic causing lockdowns across the country, ABS needed a digital option for the Census that was accessible and reliable for millions of people. They turned to the cloud.
10 years of government cloud innovation with AWS GovCloud (US)
Ten years ago, the federal government was only just beginning to adopt cloud computing services. In the early days, there were concerns about how much cloud services would cost and whether they’d be secure enough for sensitive government data. In listening to our government customers, we heard their concerns about cost and security. They also needed to innovate ahead of demand, and required a highly secure and compliant infrastructure to do it. That’s why we launched AWS GovCloud (US) in 2011.
Wickr, an AWS company, offers a secure and compliant solution to protect organizational communications
To offer security conscious enterprises and government agencies the ability to implement important governance and security controls, AWS acquired Wickr in June of 2021. Wickr helps organizations protect their collaboration with a secure and compliant solution. Built with a security-first mindset, Wickr delivers advanced security features not available with traditional communications services.
Accelerate CMMC compliance with the AWS CMMC Customer Responsibility Matrix
AWS is launching the AWS Cybersecurity Maturity Model Certification (CMMC) Customer Responsibility Matrix (CRM). The AWS CMMC CRM reduces the level of effort required for CMMC compliance by providing customers a breakdown of the CMMC practices that they can inherit from AWS, and identifies CMMC practice roles and responsibilities when using the AWS Compliant Framework for Federal and DoD Workloads in AWS GovCloud (US).
How Rockdale County improved operations and security with the cloud
After Rockdale County, Georgia was the victim of two cyber attacks, the jurisdiction turned to the cloud to strengthen the county’s security position. They worked with AWS Partner Tyler Technologies, Inc. to help with their migration, which not only enhanced data security and continuity of operations, but also reduced network downtime by 99 percent, while streamlining budgeting and reducing the IT staff’s burden.
5 things public sector managers should know about cloud security accreditation programs
Accreditation programs and the organizational models that support them are priority considerations for public sector managers who are modernizing their IT. But managers often consider risk and compliance issues too late in the planning stage. Here are some key principles that can prevent accreditation-related issues from becoming a roadblock to cloud adoption.
Building digital capabilities to withstand future challenges, from cyberattacks to severe weather events
Recent events, from public sector cyberattacks and severe weather events to the ongoing global COVID-19 pandemic, have revealed that many educational institutions, as well as regional and local governments, are not fully prepared to respond to these incidents. At the same time, large-scale disruptive events illustrate how important it is for public sector organizations to respond rapidly to keep essential services running as well as quickly pivot to offer new services. In an IDC survey of 2,000 U.S. residents in September 2020, 31% said they would like to continue virtual government services as a replacement for in-person interactions, while another IDC survey of U.S. teachers revealed that 38% expect a growth in hybrid or remote learning to be a lasting change.
How to accelerate CMMC compliance with the new AWS Compliant Framework
The AWS Compliant Framework is an automated solution designed to help customers reduce the time to setup an environment for running secure and scalable workloads while implementing an initial security baseline that meets US federal government standards. The solution was designed to address the requirements for deploying DoD CMMC and DoD Cloud Computing Security Requirements Guide compliant environments.