Slashdot Mirror

← Back to Stories (view on slashdot.org)

Amazon Launches 'AWS GovCloud'

Posted by Soulskill on from the uptime-is-not-a-mandate dept.

wiredmikey writes "Amazon Web Services today announced 'AWS GovCloud,' a new AWS Region designed to allow U.S. government agencies and contractors to move IT applications and systems into the cloud by addressing their specific regulatory and compliance requirements. Previously, government agencies with data subject to Compliance regulations such as the International Trade and Arms Regulation (ITAR), which governs how organizations manage and store defense-related data, were unable to process and store data in the cloud that the federal government mandated be accessible only by U.S. persons. AWS said that it will screen customers prior to providing access to the AWS GovCloud, helping to ensure customers are 'U.S. Persons,' not subject to export restrictions."

26 comments

  1. Coming soon... by mescobal · · Score: 1

    Skynet!!!!

    --
    La culpa no es del chancho...
  2. No FISMA. by chill · · Score: 1

    Despite the vague phrasing of the article, AWS GovCloud hasn't yet received any FISMA certification which means they're going to have a very hard time getting anyone in gov't to use them seriously.

    --
    Learning HOW to think is more important than learning WHAT to think.
    1. Re:No FISMA. by wiredmikey · · Score: 2

      According to Amazon Web Services, and as mentioned in the article, GovCloud "supports existing AWS security controls and certifications such as FISMA, SAS-70, ISO 27001" -- So it seems as though you are incorrect on the fact that GovCloud hasn't received FIMSA certification.

    2. Re:No FISMA. by SmurfButcher+Bob · · Score: 1

      Not sure. But I do know that "supports" != "has".

      --

      help me i've cloned myself and can't remember which one I am

    3. Re:No FISMA. by Wingman+5 · · Score: 1

      They say "supports" because it is up to the developer to have the application that uses the GovCloud be certified. All they are saying is "Our services will not prevent you from writing applications that can fulfill these certifications"

    4. Re:No FISMA. by dlgeek · · Score: 1

      FISMA AWS enables U.S. government agency customers to achieve and sustain compliance with the Federal Information Security Management Act (FISMA). AWS has been certified and accredited to operate at the FISMA-Low level. AWS has also completed the control implementation and successfully passed the independent security testing and evaluation required to operate at the FISMA-Moderate level. AWS is currently pursuing a certification and accreditation to operate at the FISMA-Moderate level from government agencies.

      --Amazon Web Services: Risk and Compliance

    5. Re:No FISMA. by chill · · Score: 1

      Not true. As defined by NIST 800-60 and FIPS 199, you aren't talking about an application, but rather an "information system". NIST 800-53 defines minimum security requirement.

      The system includes physical security, physical computers, etc. and not just a software application. The equipment, location and methods used by AWS would need to be evaluated as part of these information systems.

      While that can't be done without the application, there are parts of 800-53's minimum security requirements that would apply exclusively to the components provided by AWS.

      --
      Learning HOW to think is more important than learning WHAT to think.
    6. Re:No FISMA. by chill · · Score: 1

      Thanks. I had only read the parent to that and hadn't yet dug into the whitepaper.

      Your quote confirms what I suspected might be the case: FISMA low with medium being pursued. Interesting...

      --
      Learning HOW to think is more important than learning WHAT to think.
  3. Tag by Anonymous Coward · · Score: 0

    The tag #TRAP is needed on this.

  4. As for regular US citizens wanting such... by sethstorm · · Score: 1

    This would be nice if this was available to US citizens as well. It would provide some certainty to where one's own data resides, and that they're not outside the US's jurisdiction. That, and you wouldn't have much more than geographic placement.

    --
    Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
    1. Re:As for regular US citizens wanting such... by MBCook · · Score: 2

      For S3, you have to specify the home region of your storage. As far as I know, your storage is not copied in the other regions, that's what CloudFront is for. I believe EC2 is also setup in regions and your VM stays where you created it.

      Why do you think that signing up for Amazon's cloud means your data will go overseas?

      --
      Comment forecast: Bits of genius surrounded by a sea of mediocrity.
    2. Re:As for regular US citizens wanting such... by SmurfButcher+Bob · · Score: 1

      > This would be nice if this was available to US citizens as well

      No need. I can already kick the power cord out of the wall on my own stuff, any time I want.

      --

      help me i've cloned myself and can't remember which one I am

    3. Re:As for regular US citizens wanting such... by Anonymous Coward · · Score: 0

      Did you ever hear of google docs?

    4. Re:As for regular US citizens wanting such... by Braino420 · · Score: 1

      It would provide some certainty to where one's own data resides, and that they're not outside the US's jurisdiction.

      This isn't something unique to GovCloud; you can (must?) set your s3 buckets/ec2 instances up in a specific availability zone, which determines the location of your data.

      Other than the restriction to US persons and the requirement that EC2 instances are launched within a VPC, we didn't make any other changes to our usual operational systems or practices. In other words, the security profile of the existing Regions was already up to the task of protecting important processing and data. In effect, we simply put a gateway at the door -- "Please show your passport or green card before entering."

      -AWS Blog

      --
      They call me the wookie man, I guess that's what I am
  5. For the government.... by desertfool · · Score: 1

    That wants downtime and lost data in the EC2 cloud.

    --
    Just a dude. Stuck in IT.
  6. Re:A curse... by Anonymous Coward · · Score: 0

    TL;DR.

  7. And Then ... by StormyMonday · · Score: 3, Insightful

    ... Outsource support and system management to Mumbai. What could possibly go wrong?

    --
    Welcome to the Turing Tarpit, where everything is possible but nothing interesting is easy.
  8. amazon is a bunch of nazis by Anonymous Coward · · Score: 0

    is a bunch of nazis - trying to block moneis to wikileaks.... shame on you

  9. How about all other non-US Governments? by Anonymous Coward · · Score: 0

    Due to the patriot act all cloud-offerings from US-based companies are off-limits for government use. (Because the cloud-provider by law have to give any data to US government if requested. This is in particular in conflict with EU law and i assume other countries will have similar issues.) Is the only possible solution to this to move the company HQ out of US?

  10. How Amusing! by Anonymous Coward · · Score: 1

    Honeypot or target painter? You decide.

  11. C&A - NIST SP800-53 by Eol1 · · Score: 1

    No, what is stopping the government from moving to the cloud is crazy NIST requirements in some of the archaic parts of NIST SP800-53. If they can give me a fully certified compliant system you would seem movement in droves.

    --
    De Oppresso Liber