AWS Public Sector Blog
Tag: AWS Control Tower
The essential role of a landing zone in a government’s digital transformation
Creating a government that is more transparent, better performing, and capable of responding to the needs of its citizens in real-time is not without its challenges. Governments must navigate a complex landscape of legacy systems, stringent regulations, and the need to protect sensitive citizen data. This is when the concept of a landing zone becomes essential.
DoSomething’s journey with AWS brings efficiency, scalability
DoSomething is a leading nonprofit organization for youth-centered impact and service. When they decided to build a new platform from the ground up, they focused on simplification and scalability. Amazon Web Services emerged as the optimal solution due to robust support for nonprofits and comprehensive suite of services. Read this post to learn more.
University of British Columbia Cloud Innovation Centre: Governing an innovation hub using AWS management services
In January 2020, Amazon Web Services (AWS) inaugurated a Cloud Innovation Centre (CIC) at the University of British Columbia (UBC). The CIC uses emerging technologies to solve real-world problems and has produced more than 50 prototypes in sectors like healthcare, education, and research. The Centre’s work has involved 300-plus AWS accounts across various groups, including external collaborators, UBC staff, students, and researchers. This post discusses the management of AWS in higher education institutions, emphasizing governance to securely foster innovation without compromising security and detailing policies and responsibilities for managing AWS accounts across projects and research.
The AWS approach to accelerating innovation and procurement with state agencies
Despite a common misconception about government, state agencies regularly innovate on behalf of their constituents. In this post, Amazon Web Services (AWS) experts share examples of innovation from New Mexico and North Carolina. We also provide tips for accelerating procurement and maintaining visibility over rapidly implemented workloads.
How to transfer data to the CISA Cloud Log Aggregation Warehouse (CLAW) using Amazon S3
In this post, we show you how you can push or pull your security telemetry data to the National Cybersecurity Protection System (NCPS) Cloud Log Aggregation Warehouse (CLAW) using Amazon Web Services (AWS) Simple Storage Service (Amazon S3) or third-party solutions.
Building compliant healthcare solutions using Landing Zone Accelerator
In this post, we explore the complexities of data privacy and controls on Amazon Web Services (AWS), examine how creating a landing zone within which to contain such data is important, and highlight the differences between creating a landing zone from scratch compared with using the AWS Landing Zone Accelerator (LZA) for Healthcare. To aid explanation, we use a simple healthcare workload as an example. We also explain how LZA for Healthcare codifies HIPAA controls and AWS Security Best Practices to accelerate the creation of an environment to run protective health information workloads in AWS.
Data security and governance best practices for education and state and local government
Many organizations within state and local government (SLG) and education must build digital environments and services that meet a variety of dynamic security and compliance considerations, such as StateRAMP and Federal Information Security Management Act (FISMA). Learn key top-level best practices from AWS for how to use AWS Security Services to meet the unique needs of education and SLG organizations.
What US federal customers need to know about memorandum M-21-31
The US Office of Management and Budget published M-21-31, a memorandum for federal government agencies to define event logging requirements related to cybersecurity incidents. These guidelines aim to support the detection, investigation, and remediation of cyber incidents on federal information systems. The memorandum defines various event logging (EL) tiers and the log data that must be captured for various log categories. Learn the services from AWS that have been called out explicitly in the memorandum for logging and retention requirements at the EL1 level, and the resources you can use to set up these services to capture the required log data.
AWS announces low-to-no cost security services for federal political campaigns and committees
It is essential for election campaigns and committees to have access to the latest security services so they can mitigate risks against security threats at minimal cost. To support this, AWS is collaborating with Defending Digital Campaigns (DDC) to offer more than 20 cybersecurity-related AWS services for low-to-no cost to all active and registered national party committees and federal candidate committees for the US House and US Senate midterm elections that are eligible in accordance with DDC and Federal Election Commission (FEC) criteria.
How UK public sector customers can implement NCSC security principles to protect data transfers to AWS
To drive innovation and optimise operations in the Amazon Web Services (AWS) Cloud, UK public sector organizations need to transfer data quickly and safely, in accordance with the National Cyber Security Centre (NCSC)’s guidance on how to configure, deploy, and use cloud services securely. The NCSC provides security guidance for protecting government systems, planning for cyber incidents, and more. In this post, we cover how you can configure AWS services—like AWS DataSync, AWS Storage Gateway, and AWS Transfer Family—to align your data transfer solution with the NCSC’s cloud security principles, as understanding these configurations is important to protect data and meet requirements for local force accreditation.