Tag: security

Organizations around the world are making headlines after falling victim to ransomware attacks. Ransomware is malicious code designed to gain unauthorized access to systems and data and encrypt that data to block access by legitimate users. A newly released eBook, “Securing your AWS environments from ransomware,” shares who is at risk and why ransomware is effective, whether to pay or not pay the ransom, and how customers can automatically inherit certain security controls by building on AWS.

Are you a U.S. government employee or contractor who is interested in learning about cloud computing? AWS is now offering the AWS Cloud Practitioner Essentials Day and AWS Technical Essentials Day courses virtually to government workers interested in learning about the cloud. These instructor-led courses will be offered online starting Monday, March 23.

Cloud-based technologies allow organizations like governments to build a new application on existing services on the internet that offers open and documented APIs to deliver reliable data. These services have an authentication model so that new users verify their identity before accessing, even if it’s offered at no cost. There are three components in this scenario: a service provider, an end user, and an application that needs to access user data. The key technology here is OAuth. OAuth is a standard that enables access delegation.

Customers with stringent regulatory or risk-averse considerations may look to Zero Trust architectures to refactor legacy applications or deploy new ones. This blog will help you evaluate your application architecture against Zero Trust principles and use AWS to build secure and scalable architectures.

Cloud security at AWS is the highest priority. AWS customers benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations. We listen closely to our customers to offer both a secure cloud computing environment and innovative security services that satisfy the security and compliance needs of the most risk-sensitive organizations.

AWS GovCloud (US) isn’t just for government agencies – U.S. commercial companies in aerospace, defense manufacturing, law enforcement, healthcare, financial services, and energy with regulated workloads, sensitive data, and export-controlled data rely on AWS GovCloud (US) to modernize IT. Learn more during next week’s AWS Compliance Week. Themed “Achieving Cloud Compliance and Security in the AWS Cloud,” AWS solutions architects will discuss in five webinars how customers can meet cloud security and compliance challenges using AWS GovCloud (US).

Writing code and deploying an application can expose you to security vulnerabilities. This means your security woes don’t end after architecting. This post reviews common application security vulnerabilities, as well as how to build, test, and deploy code to catch vulnerabilities early.

Before a developer can commit their first line of code, they must think about the security of their application. With a move toward a DevSecOps culture, security is not solely the job of the security team – in the same way that infrastructure and deployment are not the sole responsibilities of the operations team. Developers should partake in both operations and security, as they know their own application best. This blog outlines a framework for thinking about security for your app’s infrastructure and how AWS’ product features can address those concerns.

Security is job zero at Amazon Web Services (AWS). What should that mean to you as a new user of the AWS Cloud? How does it translate to a regulated environment, such as healthcare, government, education, or financial services? Securing your AWS account is the first place to start.
How you set up your account depends on your organization. It’s possible your account was created for you by your central IT organization, using AWS Control Tower or AWS Organizations. If that’s the case, some of the below may have already been done for you. The following can serve as a helpful check as you get started.

The Australian Cyber Security Centre (ACSC) has awarded PROTECTED certification to AWS. This is currently the highest data security certification available in Australia for cloud providers on the Certified Cloud Services List (CCSL). With this new certification, public sector organisations can easily store their most highly sensitive workloads in the AWS Cloud.