AWS ‘Secret Region’ Serves US Government Customers

AWS re:Invent 2017: New government-focused region complements an existing deal that gives US intelligence agencies access to air-gapped cloud infrastructure

Amazon Web Services (AWS) has launched a cloud services region aimed specifically at US government bodies who want to run classified workloads on its infrastructure, and which it says is authorised to handle material up to the “Secret” US security classification level.

With the AWS Secret Region, as it is called, Amazon becomes the first commercial cloud provider that can handle all the US government’s data classifications – Unclassified, Sensitive, Secret, and Top Secret.

It complements an existing $600 million (£453m) contract with US intelligence agencies that allows them to run Top Secret workloads on dedicated infrastructure.AWS GovCloud

The Top Secret Region was launched three years ago on dedicated infrastructure that’s air-gapped from Amazon’s other offerings. Amazon said the CIA and other government intelligence groups can access the new Secret Region immediately through the existing deal.

Cross-government availability

But the new infrastructure will also be available for any US government department with Secret-level network access to use via their own contract arrangements, indpendent of the intelligence agreement.

Amazon said the Secret Region is to be assessed and accredited for that purpose under the appropriate government directives, but didn’t specify when it expects the process to be completed.

The same tools and workflows available on the Top Secret Region can be used on the Secret Region, Amazon said.

US intelligence agencies have been gradually adopting cloud infrastructure over the past several years, and the process has improved security and lowered maintenance costs, according to John Edwards, who became the CIA’s chief information officer last year.

Speaking at the AWS Public Sector Summit in Washington, DC in June, Edwards said the AWS deal was the “best decision we ever made”.

“The AWS Secret Region is a key component of the Intel Community’s multi-fabric cloud strategy,” Edwards said in a statement. “It will have the same material impact on the IC at the Secret level that C2S has had at Top Secret.”

Does IoT security concern you?

  • Yes (89%)
  • No (11%)

Loading ... Loading ...

Public sector shifting to the cloud

Teresa Carlson, AWS’ vice president for the worldwide public sector, said the new region allows “more agency collaboration, helps get critical information to decision makers faster, and enables an increase in our nation’s security”.

The use of cloud infrastructure gives government bodies access to industry-standard processes and tools while potentially lowering costs, but cloud providers have had to develop purpose-built offerings in order to convince public sector bodies to come on board.

Microsoft runs a Government Cloud for public sector customers and last month announced Azure Government Secret for Secret-level workloads. That offering hasn’t yet gone live.

In March Microsoft released Azure Blueprint for the UK Government, detailing how services built on its cloud platform implement cloud security principles recommended by GCHQ’s National Cyber Security Centre (NCSC). The company launched its first UK-based data centres last year in order to address the needs of customers such as the Ministry of Defence and the NHS.

Google has also taken measures to attract government customers, such as certifying its web-based productivity suite for government use.

How well do you know the cloud? Try our quiz!