Tag: compliance

What do AWS public sector customers need to know about the State Risk and Authorization Management Program (StateRAMP) and how can you use AWS to help meeting StateRAMP requirements? In this blog post, learn a quick recap on what StateRAMP is and how it differs from the similar Federal Risk and Authorization Management Program (FedRAMP). 

Justice and public safety agencies and their solution providers are building highly available, resilient, and secure applications on AWS at a rapid pace. As these solutions are built, AWS’s innovative features and security controls can help customers comply with the latest Federal Bureau of Investigation (FBI) Criminal Justice Information Services (CJIS) Security Policy updates, and align with CJIS compliance not only in AWS GovCloud (US), but also in AWS (US) Commercial regions. Customers can confidently deploy CJIS workloads in either AWS (US) Region, while maintaining access to simple and powerful cloud native tools to manage the full lifecycle of sensitive data.

The Landing Zone Accelerator on AWS (LZA) solution deploys a cloud foundation that is architected to align with AWS best practices and multiple global compliance frameworks. Customers with highly-regulated workloads and complex compliance requirements can use the LZA to better manage and govern their multi-account environment. Some of these same customers are also using VMware Cloud on AWS to integrate on-premises vSphere environments, allowing them to move existing workloads to the cloud more quickly. In this blog post, explore the technical considerations related to integrating your LZA landing zone with your VMware Cloud on the AWS environment.

Some US federal agencies and those who collaborate with them must support an automated, secure, and scalable multi-account cloud environment that meets Federal Risk and Authorization Management Program (FedRAMP) and Cybersecurity Maturity Model Certification (CMMC) standards. To support these needs, AWS customers and partners can deploy the Landing Zone Accelerator (LZA) on AWS. Recently, AWS worked with Coalfire, a FedRAMP-approved third-party assessment organization (3PAO) and AWS Partner, to assess and verify the LZA solution.

AWS announced the availability of Landing Zone Accelerator (LZA) for Education, an industry-specific deployment of the LZA on AWS, designed to further support education customers in designing cloud environments for their compliance needs. The LZA on AWS solution is architected to align with AWS best practices and multiple, global compliance frameworks. The new LZA for Education builds on the LZA to help customers secure their research workloads or workloads containing student data by giving them a set of default configurations that they can use as a starting point and iterate on to define security and compliance posture as code.

Performance Dashboard on AWS is an open source solution in the AWS Solutions Library designed by AWS experts to help organizations build, deploy, and maintain customizable dashboards to communicate the data-driven performance of public sector services. After this initial release, the Government Transformation Team (GTT) at AWS enlisted the help of the UK’s Digital Accessibility Centre (DAC), LevelAccess, and an internal AWS accessibility team to conduct accessibility audits to help our product team identify possible accessibility opportunities within the application.

A new IDC whitepaper explores how, with cloud, US federal agencies can achieve meaningful digital innovation while addressing their mission needs. As more agencies migrate applications and workloads to the cloud, including their most sensitive and heavily regulated data, a key consideration is meeting federal compliance and security mandates.

This blog post introduces Amazon Web Services (AWS) Trusted Internet Connections (TIC) 3.0 overlay artifacts. TIC is a federal cybersecurity initiative intended to enhance network and data security across the Federal Government.

AWS announced that Amazon Connect, its omnichannel cloud contact center service, has achieved FedRAMP Authorized status at the High Impact Level. FedRAMP is a US government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment, and continuous monitoring for cloud technologies and federal agencies. In this blog post, learn how to deploy a secure Amazon Connect contact center with conversational AI features to route callers and chatters to the agents best able to assist them.

To help our Australian customers, AWS provides pre-built conformance packs for the Australian Cyber Security Centre (ACSC) Essential Eight Maturity Model and the ACSC Information Security Manual (ISM). The ACSC’s Essential Eight was first published in 2017 and is a set of prioritised security mitigation strategies designed to help protect organisations against various security threats. In this blog post, I walk you through how to set up a conformance pack in AWS Config that is designed to help you implement and track the ASCS Essential Eight model.