Category: Defense

In June 2019, Naval Information Warfare Center Pacific (NIWC PAC) awarded AWS the first Blanket Purchase Agreement (BPA) in the US DoD for DoD Cloud Computing Security Requirements Guide IL-6 cloud services. This BPA allows for Navy customers to bring the benefits of commercial cloud to Secret workloads. In 2020, NIWC PAC made available the first AWS Secret Region IL-6 environment available for both internal customers residing on the NIWC PAC Secret Wide Area Network (SWAN) and external DoD and U.S. Department of the Navy customers. To support external customers, NIWC PAC deployed SkyDesk, a Citrix Virtual Desktop Infrastructure (VDI) solution that allows any SIPRNet terminal to connect and access the NR&DE IL-6 Cloud.

In a world where data is produced and handled at unprecedented speeds and quantities, the need for effective methods to securely store, analyze, and interpret this data is more important now than ever. As agencies within the U.S. Department of Defense and Intelligence Community turn to cloud adoption, they are able to bring new capabilities closer to the tactical edge and accelerate their digital transformation. Agencies can effectively leverage these new technologies such as AI, ML, and data analytics to free up time and resources for warfighters and analysts to focus on mission critical tasks.

In celebration of Veterans Day, we connected with Marla Bradbury, an Amazon Web Services (AWS) employee, Veteran, and former United States Army pilot. Read on to learn about her military career and what led her to Amazon as well as advice for transitioning military.

Thank you to all active and retired military members for your service. At Amazon Web Services (AWS), we are honored to work together with our nation’s Veterans—from helping transitioning Veterans begin their pathway in the cloud to hiring military spouses to supporting military families. In celebration of this year’s Veterans Day, check out some of our new resources and additional programs dedicated to serving this community.

The U.S. Department of Defense (DoD) released an interim rule, the Defense Federal Acquisition Regulation Supplement: Assessing Contractor Implementation of Cybersecurity Requirements (DFARS Case 2019–D041), which includes NIST SP 800-171 and Cybersecurity Maturity Model Certification (CMMC) assessment methodology and requirements. Organizations have been planning for CMMC, and with the release of this interim rule, are now beginning to prepare and build strategy for CMMC compliance. Learn how you can build your CMMC strategy using cloud technologies.

If you are a technology professional looking to understand how cloud security adheres to compliance requirements, attend our AWS Compliance Week webinar series on November 2-6. You will learn how to architect compliant, multi-region cloud environments, establish agile governance for regulated workloads, and use new AWS solutions to help accelerate compliance. Hear government and industry perspectives on achieving high compliance from the General Services Administration’s FedRAMP program management office, and customers Maxar, Salesforce, and Coalfire.

A new IDC whitepaper, sponsored by AWS, “How Government Agencies Meet Security and Compliance Requirements in the Cloud” examines why federal agencies are moving more systems and information to the cloud as a launching point for agency-wide IT modernization. The paper shares executive, legislative, and other government-wide initiatives influencing agencies to accelerate their cloud adoption plans, risks IT leaders face by delaying cloud migrations, and how secure, compliant cloud environments help agencies achieve compliance and security for their sensitive workloads.

Earlier today, the DoD announced it had concluded its corrective action and affirmed its prior JEDI contract award to Microsoft. Taking corrective action should have provided the DoD an opportunity to address the numerous material evaluation errors outlined in our protest, ensure a fair and level playing field, and ultimately, expedite the conclusion of litigation. Unfortunately, the DoD rejected that opportunity.

Customer managed encryption keys are a common architecture requirement within highly regulated workloads. This post demonstrates how to satisfy this requirement within Amazon Simple Storage Service (Amazon S3), including Amazon S3 Glacier. We also clarify some common points of confusion and demonstrate how objects can be uploaded directly to Amazon S3 Glacier via Amazon S3, which can help meet regulatory requirements as well as potentially save budget.

Later this year, the Cybersecurity Maturity Model Certification (CMMC) accreditation framework will take effect, impacting U.S. DoD contractors, supply chain, solution providers, and systems integrators. The DoD estimates that more than 300,000 organizations will require certification. In addition, other U.S. federal agencies and international organizations may adopt a similar framework to protect their intellectual property (IP). No matter the size of your organization, cloud-based services can help you meet the requirements of CMMC.