Exciting Opportunity: AWS Summit in Washington, DC – A Must-Attend Event for Public Sector

Are you ready to dive into the future of cloud technology and its impact on the public sector? Mark your calendars for June 26-27, 2024, as the AWS Summit Washington, DC takes center stage at the Walter E. Washington Convention Center. This free event offers public sector professionals a chance to explore the latest in cloud innovation, network with industry leaders, and gain invaluable insights into digital transformation. This year there is a focus on Gen AI.

Tech Reformers at AWS Summit

We’re thrilled to announce that Tech Reformers, an AWS Partner specializing in Public Sector solutions and with a particular focus on Education, will attend this timely event. Our team looks forward to engaging with attendees and sharing our expertise in leveraging AWS to drive innovation in government and educational institutions.

Click to Register

Event Highlights

Immerse yourself in the latest AWS innovation with over 300 sessions covering a wide range of topics. You’ll learn directly from AWS experts about accelerating your mission through technology. The event provides unparalleled networking opportunities (other than AWS re:Invent which we will be attending in December), allowing you to connect with public sector industry leaders, AWS professionals, and innovative partners like Tech Reformers.

Hands-on Learning and Customization

Enhance your skills through interactive workshops, whiteboard case studies, and solution-building sessions. The AWS Summit caters to professionals at all levels. Whether you’re a decision-maker, technical leader, or developer, you can tailor your agenda to suit your specific interests and needs.

Keynote Address

Don’t miss the keynote speech by Dave Levy, VP of AWS Worldwide Public Sector. His address will focus on the generative AI revolution and its impact on public sector services. You’ll gain insights into how AWS empowers organizations to be at the forefront of technological advancements while maintaining security and efficiency.

Free to Attend & Learn

Unlike re:Invent, his event is completely free to attend, making it an accessible opportunity for professionals across the public sector. Take advantage of this chance to learn, innovate, and connect without any financial barriers.

Connect with Tech Reformers

As an AWS Partner with deep expertise in the Public Sector, particularly in Education, Tech Reformers offers unique insights into cloud-based solutions for government and educational institutions. We understand the specific challenges and opportunities in these sectors and can help you navigate the complexities of digital transformation.

So, why connect with us at the event? We can discuss how to:

1. Optimize your AWS infrastructure for public sector needs with our AWS QuickStart.
2. Implement secure and compliant cloud solutions
3. Leverage AI and machine learning in education and government services
4. Streamline operations and reduce costs through cloud adoption

Finally, don’t miss this chance to learn, connect, and innovate. Join us at the AWS Summit Washington, DC and be part of shaping the future of public sector technology. And, reach out to Tech Reformers today to schedule a meeting at the event and explore how we can help transform your organization’s cloud strategy.

In the ever-evolving landscape of cloud computing, AWS Organizations has emerged as a critical tool for organizations looking to manage multiple AWS accounts. As their cloud presence expands, the ability to efficiently manage resources, security, and billing across numerous accounts becomes paramount. This article delves into the best practices for structuring AWS Organizations, offering a guide that will help tech leaders and cloud architects build a robust and scalable multi-account strategy.

At the heart of an effective AWS Organizations setup lies the concept of Organizational Units (OUs). These logical groupings of accounts serve as the building blocks for a well-architected multi-account environment. By strategically designing your OU structure, you can unlock a myriad of benefits, including rapid innovation, simplified billing, flexible security controls, and seamless adaptation to evolving business processes.

The foundation of any solid AWS Organizations structure begins with two critical OUs: Infrastructure and Security. The Infrastructure OU houses shared services like networking, providing a centralized hub for resources that span multiple accounts. Meanwhile, the Security OU takes center stage in managing access and hosting essential security tools, ensuring a robust defense across your entire AWS ecosystem.

As we move beyond the foundational elements, we encounter business-oriented OUs that cater to specific organizational needs. The Sandbox OU, for instance, offers a safe haven for individual learning and experimentation, allowing team members to explore AWS services without risking production environments. The Workloads OU, on the other hand, becomes the beating heart of your cloud operations, hosting both software development lifecycle (SDLC) and production environments.

But the story doesn’t end there. AWS experts recommend a series of specialized OUs to address unique scenarios that arise in complex cloud environments. The PolicyStaging OU provides a controlled space for testing policy changes before widespread implementation. For accounts in limbo, the Suspended OU offers a secure holding area for closed accounts awaiting deletion. Non-technical users find their home in the IndividualBusinessUsers OU, while the Exceptions OU caters to cases requiring custom security measures. The Transitional OU serves as a temporary residence for newly acquired accounts, and the Deployments OU streamlines CI/CD pipelines.

Throughout this intricate OU hierarchy, certain best practices emerge as guiding principles. Applying policies at the OU level, rather than to individual accounts, simplifies management and troubleshooting. The separation of production and non-production environments within OUs adds an extra layer of security and control. Moreover, creating accounts based on function rather than mirroring organizational structure promotes flexibility and scalability.

As organizations embark on this journey with AWS Organizations, tools like AWS Control Tower offer a helping hand, providing a quick and secure way to set up initial environments. Security-conscious leaders will also appreciate the integration of services like Amazon GuardDuty, AWS Security Hub, and Amazon Detective, which fortify the overall security posture of the multi-account landscape.

In conclusion, the art of structuring AWS Organizations is a delicate balance of security, efficiency, and scalability. By embracing these best practices and leveraging the power of a well-designed OU structure, businesses can create a cloud environment that not only meets their current needs but also paves the way for future growth and innovation. As the cloud continues to reshape the tech industry, mastering AWS Organizations has become an essential skill for those looking to stay ahead in the digital race.

To get started with building your own environment, refer to the AWS Organizations Getting Started Guide. Better yet, you can use AWS Control Tower to help you quickly set up a secure initial AWS environment in a few clicks. Tech Reformers can help set up your environment with our AWS QuickStart which uses not only Control Tower but also the Landing Zone Accelerator using Infrastructure as Code (IaC) to manage and deploy your infrastructure.

Digital transformation is a critical priority for businesses and public sector organizations as they strive to stay competitive, improve operational efficiency, and drive innovation. The cloud is a key enabler of digital transformation. It provides the scalability, agility, and cost-savings that organizations need to reimagine their business models and processes. Your cloud-powered transformation journey can start now.

However, embarking on a cloud transformation journey can be complex, with many organizational, technological, and operational considerations to navigate. That’s where the AWS Cloud Adoption Framework (CAF) comes in. The AWS CAF is a comprehensive, proven approach that helps organizations identify and prioritize transformation opportunities, evaluate their cloud readiness, and iteratively evolve their transformation roadmap.

Download E-book

Download infographic

The Four Perspectives of the AWS CAF

The AWS CAF outlines four key perspectives that organizations should consider as part of their cloud transformation:

1. Business – Ensuring that cloud investments accelerate digital transformation and deliver desired business outcomes.
2. People – Evolving the organization’s culture, skills, and ways of working to enable continuous growth and change.
3. Governance – Orchestrating cloud initiatives, maximizing organizational benefits, and minimizing transformation risks.
4. Platform – Accelerating the delivery of cloud workloads through an enterprise-grade, scalable, hybrid cloud environment.

Before diving too deeply, your team can complete the AWS Cloud Readiness Assessment. The results can help guide your next steps.

6 Foundational Capabilities

Additionally, the AWS CAF identifies six foundational capabilities that underpin successful cloud transformations:

• Security
• Operations
• Technology
• Process
• Organization
• Products

Realizing the Benefits of Cloud Transformation

According to the infographic, organizations that have adopted the AWS CAF have seen significant benefits, including:

• 27% lower cost per user
• 34% less downtime
• 58% more virtual machines managed per admin
• 37% fewer security events
• 57% less time to deploy new code
• 38% faster time to market for new features and applications

These improvements translate to reduced business risk, improved environmental, social, and governance (ESG) performance, increased revenue growth, and greater operational efficiency.

Getting Started With the AWS CAF

The AWS CAF provides a structured approach to guide organizations through the key stages of their cloud transformation journey, as outlined below.

To learn more about the AWS CAF and how it can help accelerate your cloud-powered transformation journey, download the infographic and e-book, then reach out to Tech Reformers to discuss how we can help guide your journey.

WorkDocs end of support coming

I logged into an AWS account early this week, ready to review the Amazon WorkDocs service and train a customer. However, an unwelcome notification greeted me at the top of the WorkDocs console.

Support is ending in April 2025. That is, the service will no longer be available.

Apparently Amazon made the “difficult decision” to end support for its WorkDocs document sharing and collaboration platform. So, as of April 26th, 2024, new customer sign-ups and account upgrades are no longer available. And one year later, on April 25, 2025, the Amazon WorkDocs site, APIs, and Drive will be permanently shut down and all customer data deleted. I am disappointed that somehow, I didn’t directly receive this notification.

For customers like me and Tech Reformers clients who have been actively moving content into WorkDocs, this announcement comes as a major blow. According to Amazon’s email notification, there is an April 2025 cutoff date. “[The] Amazon WorkDocs site, APIs, and Drive will no longer be available, and all data will be permanently deleted.”

Migration Choices

AWS has built a data migration tool to help customers export their content to Amazon S3 storage. It’s still, however, a significant disruption for those of us who had bought into WorkDocs as our go-forward content management solution.

Interestingly, Amazon seems to be pointing impacted customers to Dropbox as an alternative. AWS is offering discounts on Dropbox licenses purchased through the AWS Marketplace.

Did You See the End of Amazon WorkDocs Coming?

The writing may have been on the wall. Business Insider reported last year that Amazon itself had purchased over one million Microsoft 365 licenses for its own workforce, representing a $1B+ commitment to Microsoft’s competing productivity and content management suite.

As an AWS spokesperson stated, “[Amazon] must sometimes make the difficult decision to pivot when [they] believe [their] resources should be invested elsewhere to better serve [customers].” It seems Amazon WorkDocs simply failed to gain enough traction.

This situation underscores the importance of having contingency plans and exit strategies in place, even when leveraging services from trusted providers like AWS. Sometimes with little warning, cloud providers will eliminate solutions.

I’m curious if other AWS customers were caught off guard by this WorkDocs announcement like I was. Share your thoughts and experiences in the comments!

In the ever-evolving landscape of technology, one term that’s been getting enormous attention for over a year is generative artificial intelligence (Gen AI). But what exactly is generative AI, and how can it revolutionize operations for public sector organizations? Let’s explore the transformative potential of this cutting-edge technology.

Understanding Generative AI

Gen AI refers to algorithms capable of creating new content and ideas autonomously. Whether it’s generating conversations, stories, images, or music, this technology relies on large machine learning models trained on extensive datasets. It has garnered interest for its ability to drive innovation across various market sectors, including the public sector.

Empowering Public Sector Entities

Public sector organizations face unique challenges in meeting the diverse needs of their constituents. However, AI technology presents an opportunity to address these challenges by streamlining processes, enhancing decision-making, and delivering personalized services.

Key Benefits of Gen AI

Here are some of the most compelling reasons to embrace generative AI:

• Empowering decision-makers: Government agencies can analyze vast amounts of data to identify patterns and trends, enabling proactive decision-making and efficient resource allocation.
• Accelerated research and discovery: Researchers can leverage this technology to expedite data analysis and experiment design. This facilitates faster discoveries and innovations in fields such as healthcare, education, and public policy.
• Personalized services: Generative AI enables the customization of services to individual citizens’ needs, enhancing the overall user experience and satisfaction.
• Improved productivity: Automation of routine tasks frees up human resources, allowing public sector employees to focus on big-picture and mission-critical activities and thereby achieve greater productivity.

Take the Next Step

As generative AI continues to reshape the landscape of public sector operations, now is the time to embrace this transformative technology. At Tech Reformers, we specialize in helping public sector organizations unlock the full potential of generative AI on AWS. For more information, please download this guide to getting started. Or contact us today to learn how we can help your organization thrive in the era of AI innovation.

On May 2nd, Tech Reformers and AWS hosted a Public Sector Immersion Day at the AWS Skills Center in Seattle. The audience that filled two adjoining classrooms included representatives from school districts, a conservation district, a public utility, a city, and others from EdTech and commercial sectors. They all came to learn about how Amazon Web Services is used in the public sector.

Despite traffic and a 9:00 am start, we began promptly with an introduction from Tech Reformers. Maria Petrova from AWS then briefly introduced the Skills Center and its mission. Participants later got to spend time with the exhibits at the Skill Center. These exhibits cover robots, machine learning, internet of things (IoT), gaming, and space. AWS Skills Center Seattle is a free training center for anyone in the Seattle community who is curious about cloud computing and future job possibilities in the cloud. The center is designed to help people with little to no technology background.

Security on AWS

John from Tech Reformers started the presentations with Getting Started – Security and Architecture. It began with the drawbacks of using the root account created with the email address from the account setup. From Identity and Access Management (IAM), we moved to AWS Organizations and AWS IAM Identity Center. We covered the advantages of a multi-account architecture and using Single Sign-On (SSO). The presentation wrapped up with adding security, governance, and compliance controls with Control Tower.

Next, Venkat, an AWS Solutions Architect, dug more deeply into Advanced Security Features that should be considered when architecting an AWS infrastructure – particularly a multi-account architecture. He started out with Guard Duty, a threat detection service that monitors your AWS accounts for malicious activity. Guard Duty then delivers security findings for visibility and remediation. Venkat then went on to give an overview of Security Hub, which centralizes and aggregates security alerts into a single “pane of glass.” He showed how it helps with overall security posture across all AWS accounts under governance.

Hands-On Lab – Elastic Disaster Recovery

No Immersion Day is complete with a hands-on lab. Muni, another AWS Solutions Architect, led the lab Disaster Recovery on AWS. AWS Elastic Disaster Recovery (AWS DRS) minimizes downtime and data loss with fast, reliable recovery of on-premises and cloud-based applications using affordable storage, minimal compute, and point-in-time recovery. There was a lot to cover here, and the group did a great job (especially coming in with different skill levels and experience with AWS). In the end, we recovered two servers in a new region with literally the push of a button.

Visit to The Spheres

No visit to Amazon HQ1 is complete without a trip to The Spheres. Amazon describes it as:

“A space to think and work differently, surrounded by nature and the wellness benefits it provides. The Spheres are a result of innovative thinking about the character of a workplace and an extended conversation about what is typically missing from urban offices–a direct link to nature. The Spheres are home to more than 40,000 plants from the cloud forest regions of over 30 countries.“

https://www.seattlespheres.com/

We headed there in two groups. Since The Spheres is an Amazon office space, it is generally not open to the public. Visitors must be accompanied by an Amazon employee, who can escort as many as six guests.

Finished Up With Desktop Computing and AI

We finished our AWS Immersion Day with two areas of interest in the public sector: Desktop Computing in the cloud and Generative AI (Gen AI). After briefly discussing AWS Workspaces and AWS AppStream 2.0, we heard from attendees how they use App Stream in their environments. We passed around the new WorkSpaces Thin Client.

It was too bad we didn’t have more time for Gen AI. After hearing a little about what attendees are doing with Gen AI, Muni did an excellent overview of the concepts and introduced Amazon Bedrock. AWS is holding another Immersion Day in Seattle on June 7 that will dig deeper into Bedrock.

Be sure to sign up for our mailing list to learn more about our upcoming AWS events.

Organizations need efficient and secure file transfer methods. They can reap the benefits of SFTP on AWS. AWS Transfer Family offers a robust solution for managing file transfers using various protocols, including SFTP (SSH File Transfer Protocol). This service simplifies the setup and management of file transfers, providing numerous benefits for businesses of all sizes.

Key Benefits of AWS Transfer Family:

Easy Setup:

• Setting up an SFTP server with AWS Transfer Family is straightforward. With just a few clicks in the AWS Management Console, you can create a server and configure it to meet your specific requirements.

Flexible Authentication:

• AWS Transfer Family supports multiple authentication methods, including AWS Directory Service, IAM roles using just the service itself, and custom identity providers like Microsoft Active Directory. This flexibility allows you to choose the authentication method that best suits your needs.

Scalability:

• AWS Transfer Family scales effortlessly as your business grows to accommodate increased file transfer demands. You can easily adjust server capacity and storage to match your requirements.

Security:

• AWS Transfer Family offers built-in security features to protect your data during transfer. It supports encryption in transit and at rest, ensuring that your files remain secure at all times.

Integration with S3:

• AWS Transfer Family integrates seamlessly with Amazon S3, allowing you to store files in S3 buckets. This integration simplifies file management and provides a scalable storage solution.

Cost-Effective:

• ‘With AWS Transfer Family, you only pay for what you use. There are no upfront fees or long-term commitments, making it a cost-effective solution for file transfer needs.’With AWS Transfer Family, you only pay for what you use. There are no upfront fees or long-term commitments, making it a cost-effective solution for file transfer needs.

By leveraging AWS Transfer Family, businesses can streamline their file transfer processes, improve security, and scale their operations efficiently. Whether you’re a small business or a large enterprise, AWS Transfer Family offers the flexibility and scalability you need to manage your file transfer requirements effectively.

To take advantage of the benefits of SFTP on AWS and learn more about setting up an SFTP server using AWS Transfer Family, check out our detailed guide: SFTP (SSH File Transfer Protocol) in AWS Transfer Family – Setup Instructions. This quick how-to guide will walk you through the process of creating an SFTP server and configuring it to meet your specific needs.

As of March 1st, Russia has implemented a ban on VPN services, marking a significant step in its ongoing efforts to regulate access to information and increase surveillance. This move has raised concerns not only for Russian citizens but also for US businesses operating in or dealing with Russia.

For Russian citizens, the ban means a further restriction on their ability to access unrestricted information and communicate privately online. VPNs are often used to bypass government censorship and access content that may be blocked or restricted by authorities. With VPNs now banned, Russian citizens may find it more challenging to protect their privacy and access the open internet.

From a business perspective, the VPN ban in Russia could have several implications for US companies. Many businesses rely on VPNs to secure their communications and data when operating in countries with less secure internet infrastructures or higher levels of surveillance. With VPNs banned, US businesses operating in Russia may face increased cybersecurity risks, as their communications and data may be more vulnerable to interception.

Furthermore, the ban on VPNs could also impact US businesses that have operations in Russia or rely on Russian markets for revenue. Restrictions on internet access and communication could hinder the ability of these businesses to operate effectively and could potentially lead to increased costs or disruptions to their operations.

Overall, the VPN ban in Russia highlights the challenges of navigating the complex regulatory environments and cybersecurity risks businesses face when operating in global markets. US businesses operating in or dealing with Russia will need to carefully assess the implications of this ban and take steps to mitigate any potential risks to their operations and data. Read more at https://www.vpnmentor.com/news/report-russia-vpn-ban/

In the ever-evolving landscape of cloud computing, security remains a top priority for organizations. Threat modeling is a crucial step in identifying and mitigating potential security risks. One popular framework for threat modeling is the STRIDE model, developed by Microsoft. Let’s explore how the STRIDE model can help enhance the security of your AWS environment.

What is the STRIDE Model?

The STRIDE model categorizes threats into six categories, each representing a potential attack vector:

1. Spoofing: This refers to the act of impersonating a user, system, or service to gain unauthorized access. In an AWS environment, spoofing could occur if an attacker gains access to AWS credentials or keys.
2. Tampering: Tampering involves modifying data or code without authorization. In AWS, tampering could occur if an attacker intercepts and alters data in transit or modifies data stored in AWS services.
3. Repudiation: Repudiation refers to the ability to deny that a specific action took place. In AWS, this could include denying that a particular API call was made or that a resource was accessed.
4. Information Disclosure: This involves the unauthorized disclosure of information. In AWS, information disclosure could occur if sensitive data is exposed through misconfigured permissions or insecure storage.
5. Denial of Service (DoS): DoS attacks aim to disrupt services and make them unavailable to users. In AWS, DoS attacks could target AWS services or applications running on AWS infrastructure.
6. Elevation of Privilege: This refers to gaining higher privileges than authorized. In AWS, elevation of privilege could occur if an attacker exploits a vulnerability to gain administrative access.

Applying the Threat Modelling in AWS

To apply the STRIDE model in AWS, start by identifying potential threats in each category based on your AWS environment’s architecture and configuration. For example:

• Spoofing: Ensure that AWS credentials and keys are stored securely and rotated regularly to prevent unauthorized access.
• Tampering: Use AWS services such as AWS CloudTrail and AWS Config to monitor and detect unauthorized changes to your resources.
• Repudiation: Enable AWS CloudTrail logging to track API calls and resource access, providing an audit trail for accountability.
• Information Disclosure: Implement encryption for data at rest and in transit to protect against unauthorized disclosure.
• Denial of Service: Use AWS Shield to protect against DDoS attacks and ensure that your application is resilient to traffic spikes.
• Elevation of Privilege: Apply the principle of least privilege and regularly audit permissions to minimize the risk of unauthorized access.

By applying the STRIDE model in your AWS environment, you can identify and mitigate potential security threats, helping protect your cloud data and applications. As a next step, you can subscribe to the AWS Security Blog, consider joining the Cloud Security Alliance, and have Tech Reformers conduct a Well-Architected Framework Review of your workload.

When customers running VMware on-prem consider the cloud for backup or even migration, they sometimes want to stay on their current hypervisor. Organizations stay with VMware because of their skillset and familiarity or they need to move quickly with what they have. They have a challenge. They need to find a solution that doesn’t require changing their whole system. At the same time, they need to keep their applications and data safe. VMware Cloud on AWS is the answer. It provides an easy way to move from on-premises environments to the cloud. This can be done just for backup. Or it can be a full migration.

Overview: Backup and Restore with VMware

AWS Backup, a fully managed backup service, easily centralizes and automates data backup across AWS services in the cloud and on-premises environments. When it comes to backing up on-premises VMware workloads, AWS Backup integrates seamlessly with VMware Cloud on AWS. Customers can back up their on-premises workloads to the cloud with AWS Backup and then restore the backups to VMware Cloud on AWS. This enables a streamlined migration process that’s secure, efficient, and doesn’t require additional operational complexity.

VMware Disaster Recovery

When it comes to disaster recovery, VMware Cloud on AWS, in conjunction with AWS Backup, provides a robust solution. Customers with strict Recovery Point Objective (RPO) and Recovery Time Objective (RTO) requirements have good options. They can use VMware Cloud Disaster Recovery and VMware Site Recovery. These solutions will meet their needs for keeping data safe and recovering it quickly. However, AWS Backup offers a simpler approach for smaller migration or more flexible disaster recovery requirements.

In the event of a regional disaster, customers can leverage the cross-Region copy capability of AWS Backup to copy the backups to a different AWS Region. This ensures that customers can restore their backups to VMware Cloud on AWS in another region, thereby ensuring business continuity.

Migration

Using VMware Cloud on AWS for migration has significant benefits. It lets customers move their on-premises VMware workloads to the AWS cloud. This process helps scale their data protection solution in a cost-effective way. With AWS Backup, customers can set the backup frequency based on their Recovery Point Objective (RPO) requirement in the backup plan. This level of customization ensures that customers only pay for what they need, thereby keeping costs in check.

Cost Considerations:

When considering a migration or disaster recovery solution, it’s important to consider the associated costs. AWS Backup and VMware Cloud on AWS provide cost-effective solutions that provide flexibility in storage and restore options. Implementing lifecycle rules in AWS Backup can help customers maximize the benefits of lower-cost storage options, thereby further reducing costs.

Consider using the AWS Backup lifecycle feature to automatically transition your recovery points from a warm storage tier to lower-cost cold storage for archival use cases.

Conclusion

For organizations running VMware workloads on premises, the combination of AWS Backup and VMware Cloud on AWS offers a comprehensive solution for backup, migration, and disaster recovery. This solution not only ensures that customer data is protected and secure but also provides a cost-effective and efficient way to migrate to the cloud. For details for implementation, read the prescriptive guidance from AWS. Using AWS Backup and VMware Cloud on AWS helps customers relax, knowing their important business applications and data are safe in the cloud.