AWS Public Sector Blog

Tag: security

Transforming financial markets: How FIA Tech built the Trade Data Network on AWS

This post discusses how FIA Tech, a leading technology provider for the exchange traded derivatives (ETD) industry, built the Trade Data Network (TDN) on Amazon Web Services (AWS). TDN is an industry initiative that provides a shared ledger of trading information to address the fragmentation and lack of transparency in ETD post-trade processing. The TDN initiative currently includes 17 banks/brokers and 40 investment managers and hedge funds with combined assets under management of more than $34 trillion.

Complying with updated NIH Genomic Data Sharing policies on AWS

The National Institutes of Health (NIH) has long maintained guidelines governing the responsible management of controlled access human genomic and phenotypic data maintained in NIH-designated data repositories. Recently, the NIH updated these guidelines to align with the NIST SP 800-171 security standard, which defines a comprehensive framework for securing Controlled Unclassified Information (CUI). In this blog post, we will explore the specifics of the updated NIH guidance and outline how Amazon Web Services (AWS) can help customers build a compliant environment to meet these requirements.

Extracting insights from PubMed articles using Amazon Q Business

PubMed Central (PMC) is a leading resource for biomedical literature, offering a vast repository of full-text biomedical and life sciences journal articles. While PMC offers immense potential to accelerate scientific progress, inform evidence-based practice, and drive innovation in the biomedical and life sciences fields, the sheer volume of data presents a significant challenge. This is where Amazon Q Business comes in. It’s a powerful service designed to streamline the process of analyzing vast amounts of scientific literature and provide valuable insights efficiently. Read this post to learn more.

AWS Verified Access in a TIC 3.0 architecture

Federal agencies can use Amazon Web Services (AWS) to meet Trusted Internet Connections (TIC) 3.0 requirements. To facilitate this, AWS has published detailed architectural overlays that demonstrate how to effectively implement TIC 3.0 guidelines within AWS deployments. AWS Verified Access (AVA) is a cloud-based service that enables secure access to applications without requiring the use of a virtual private network (VPN). It evaluates each application request and gives users access to each application only when they meet the specified security requirements. AVA supports TIC 3.0 requirements in the areas of configuration management, centralized log management, strong authentication features, resilience, and policy enforcement. Read this post to learn more.

Deploying AWS Modular Data Center: From ordering to delivery and installation

The Amazon Web Services (AWS) Modular Data Center (MDC) is a service that enables rapid deployment of AWS managed data centers for running location- or latency-sensitive applications in locations with limited infrastructure. It reduces deployment time in remote areas and supports up to five racks of AWS Outposts or AWS Snow Family devices. In this post, we guide you through the end-to-end process of deploying the MDC at your site.

Using Login.gov as an OIDC IdP with Amazon Cognito user pools

As federal agencies strive to enhance digital services and create a seamless customer experience, integrating robust identity and access management (IAM) solutions has become paramount. Amazon Cognito, a user identity management service offered by Amazon Web Services (AWS), provides a secure and scalable solution for managing user authentication and authorization. When combined with Login.gov, a trusted identity platform developed by the U.S. General Services Administration (GSA), federal agencies can unlock a powerful combination that streamlines user access while maintaining the highest levels of security and compliance.

The key components of CISA’s Malcolm on Amazon EKS

Malcolm is a powerful, open source network traffic analysis tool suite created by the Cybersecurity and Infrastructure Security Agency (CISA) to aid public and private sector customers in improving their network security monitoring and incident response. Malcolm is most commonly used for incident response, network monitoring, threat hunting, training, and research, but can be adapted for other use cases. In this post, we introduce you to the key components of Malcolm on Amazon Elastic Kubernetes Service (Amazon EKS).

AWS hosts inaugural Defense Industry Partner Forum

In August 2024, Amazon Web Services (AWS) convened more than 65 Defense Industrial Base (DIB) companies at Amazon’s HQ2 in Arlington, Virginia for the inaugural AWS Defense Industry Forum. The DIB consists of more than 100,000 companies and subcontractors, which support the U.S. Department of Defense (DoD), and AWS joins forces with DIB partners to provide global infrastructure and cutting-edge technology to outpace our adversaries. Read this post to learn more about the two-day event.

Mitigating inadvertent IPv6 prefix advertisement with AWS automation

As federal agencies migrate to the Trusted Internet Connections (TIC) 3.0 framework, they will use Amazon Web Services (AWS) to exit to the internet, bypassing the TIC network. This transition requires agencies to plan and coordinate migration activities to verify seamless IPv6 connectivity. Agencies need to coordinate advertising their IPv6 prefixes with AWS, using mechanisms like Bring your own IP addresses (BYOIP). The migration process could involve changes in routing policies, firewall rules, and security controls to accommodate the IPv6 prefix changes. Read this post to learn more.

University of British Columbia Cloud Innovation Centre: Governing an innovation hub using AWS management services

In January 2020, Amazon Web Services (AWS) inaugurated a Cloud Innovation Centre (CIC) at the University of British Columbia (UBC). The CIC uses emerging technologies to solve real-world problems and has produced more than 50 prototypes in sectors like healthcare, education, and research. The Centre’s work has involved 300-plus AWS accounts across various groups, including external collaborators, UBC staff, students, and researchers. This post discusses the management of AWS in higher education institutions, emphasizing governance that fosters innovation without compromising security, and detailing policies and responsibilities for managing AWS accounts across projects and research.