Tag: security

Even in uncertain times, election officials and political stakeholders are committed to serving a dynamic electorate in a secure, scalable, and cost-effective way. Cloud-based technologies from Amazon Web Services (AWS) and the AWS Partner Network (APN) can help elections administrators, campaigns, and civic engagement organizations with access to information, security and scalability, and absentee voting workflow solutions.

Until we can meet again, we’ve curated a collection of the top AWS re:Inforce 2019 sessions for security and compliance professionals in the public sector. These sessions answer the compliance questions you were afraid to ask, share ways to harness diversity in your security organization, explore how AWS security services can help encrypt data, manage security alerts, and automate compliance.

Data is an organization’s critical asset, which is why safeguarding it against ransomware attacks, natural disasters, emergencies, or technical failures is a top priority. Legacy data storage, such as tape, makes sharing and protecting data costly and time consuming. AWS released a series of educational webinars and whiteboarding videos that discuss how to raise the bar on data protection in the AWS Cloud.

Organizations around the world are making headlines after falling victim to ransomware attacks. Ransomware is malicious code designed to gain unauthorized access to systems and data and encrypt that data to block access by legitimate users. A newly released eBook, “Securing your AWS environments from ransomware,” shares who is at risk and why ransomware is effective, whether to pay or not pay the ransom, and how customers can automatically inherit certain security controls by building on AWS.

Are you a U.S. government employee or contractor who is interested in learning about cloud computing? AWS is now offering the AWS Cloud Practitioner Essentials Day and AWS Technical Essentials Day courses virtually to government workers interested in learning about the cloud. These instructor-led courses will be offered online starting Monday, March 23.

Cloud-based technologies allow organizations like governments to build a new application on existing services on the internet that offers open and documented APIs to deliver reliable data. These services have an authentication model so that new users verify their identity before accessing, even if it’s offered at no cost. There are three components in this scenario: a service provider, an end user, and an application that needs to access user data. The key technology here is OAuth. OAuth is a standard that enables access delegation.

Customers with stringent regulatory or risk-averse considerations may look to Zero Trust architectures to refactor legacy applications or deploy new ones. This blog will help you evaluate your application architecture against Zero Trust principles and use AWS to build secure and scalable architectures.

Cloud security at AWS is the highest priority. AWS customers benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations. We listen closely to our customers to offer both a secure cloud computing environment and innovative security services that satisfy the security and compliance needs of the most risk-sensitive organizations.

AWS GovCloud (US) isn’t just for government agencies – U.S. commercial companies in aerospace, defense manufacturing, law enforcement, healthcare, financial services, and energy with regulated workloads, sensitive data, and export-controlled data rely on AWS GovCloud (US) to modernize IT. Learn more during next week’s AWS Compliance Week. Themed “Achieving Cloud Compliance and Security in the AWS Cloud,” AWS solutions architects will discuss in five webinars how customers can meet cloud security and compliance challenges using AWS GovCloud (US).

Writing code and deploying an application can expose you to security vulnerabilities. This means your security woes don’t end after architecting. This post reviews common application security vulnerabilities, as well as how to build, test, and deploy code to catch vulnerabilities early.