AWS Public Sector Blog

Tag: security

Episode 2: Securing your app’s infrastructure

Before a developer can commit their first line of code, they must think about the security of their application. With a move toward a DevSecOps culture, security is not solely the job of the security team – in the same way that infrastructure and deployment are not the sole responsibilities of the operations team. Developers should partake in both operations and security, as they know their own application best. This blog outlines a framework for thinking about security for your app’s infrastructure and how AWS’ product features can address those concerns.

Twitch Episode 1: Getting Started With Secure App Dev: Job 0

Security is job zero at Amazon Web Services (AWS). What should that mean to you as a new user of the AWS Cloud? How does it translate to a regulated environment, such as healthcare, government, education, or financial services? Securing your AWS account is the first place to start.
How you set up your account depends on your organization. It’s possible your account was created for you by your central IT organization, using AWS Control Tower or AWS Organizations. If that’s the case, some of the below may have already been done for you. The following can serve as a helpful check as you get started.

Secure, citizen-centric cloud services: AWS awarded PROTECTED certification in Australia

The Australian Cyber Security Centre (ACSC) has awarded PROTECTED certification to AWS. This is currently the highest data security certification available in Australia for cloud providers on the Certified Cloud Services List (CCSL). With this new certification, public sector organisations can easily store their most highly sensitive workloads in the AWS Cloud.

How to Apply the U.S. Department of Homeland Security’s Continuous Diagnostics and Mitigation Programs on AWS

Continuous Diagnostics and Mitigation (CDM) is an important part of the federal government’s cybersecurity strategy, and it’s getting a boost in visibility since the House passed the Advancing Cybersecurity Diagnostics and Mitigation Act (H.R. 6443). Among other things, this Act directs the U.S. Department of Homeland Security (DHS) to develop and provide the capability to collect, analyze, and visualize government-wide information relating to security data and cybersecurity risks and to make these program capabilities available for use by any federal agency.

The Five Ways Organizations Initially Get Compromised and Tools to Protect Yourself

Over the years, many organizations’ on-premises IT infrastructure has been compromised. Oftentimes, organizations are left defending infrastructure, data, and people without understanding who is attacking them and why. But the silver lining is that attackers often use the same tactics to try to initially compromise their targets. Knowing the ways that attackers try to get a foothold in your environment can help you defend it better.

Don’t Discount the Value of Innovation

Over the years, I have talked to thousands of customers about security and compliance topics. Many of these conversations revolved around specific security controls customers were interested in, or assurances about how specific cloud services are managed, or whether a cloud service complies with a specific regulation. Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs) tend to be focused on maximizing control and visibility – and for good reasons. But with the focus on security controls and compliance requirements, one important topic rarely gets discussed: innovation. Overlooking the value of innovation to an organization, and the value of the pace of innovation, can be a serious ROI miscalculation.

AWS Well Architected Framework: Best practices for building and deploying an optimized cloud environment

AWS has developed the Well-Architected Framework to help customers architect their mission-critical applications on AWS with secure, high-performing, resilient and efficient infrastructure. Well Architected can help you build and deploy faster, lower or mitigate risks, make informed decisions, and learn AWS best practices.

Defense Agencies Can Access AWS Secret Region for IL6 Workloads

In November, with the launch of the AWS Secret Region, we achieved a Provisional Authorization (PA) for Impact Level 6 (IL6) workloads from the U.S. Defense Information Systems Agency (DISA), the IT combat support organization of the U.S. Department of Defense (DoD). The PA was recently updated to add 11 new AWS services. A service catalog for the Region is available through your AWS Account Executive.