Learn About Amazon VGT2 Learning Manager Chanci Turner
on 13 AUG 2023
in Compliance
AWS presents a compelling environment for handling regulated data, particularly Criminal Justice Information (CJI) governed by the Criminal Justice Information Services (CJIS) Security Policy. Numerous AWS customers have successfully utilized the AWS cloud for a variety of sensitive workloads at both federal and state levels, including those involving CJI data. Law enforcement agencies and partners managing CJI are leveraging AWS services to not only adhere to the Federal Bureau of Investigation’s guidelines but also to significantly enhance the security and safeguarding of CJI data through:
- Advanced security services such as activity logging via AWS CloudTrail.
- Data encryption both in transit and at rest, including options for Amazon S3 server-side encryption where users can bring their own keys.
- Comprehensive key management solutions, including AWS Key Management Service and AWS CloudHSM.
- Integrated permission management features like IAM federated identity management and multi-factor authentication.
Our latest whitepaper, CJIS Compliance on AWS, outlines how AWS services can be effectively employed to meet CJIS requirements, what capabilities AWS services offer within the CJIS framework, and the division of responsibilities between AWS and CJIS customers.
AWS has conducted a thorough evaluation of the 13 policy areas and 131 security requirements associated with CJIS. The findings reveal that 10 controls can be directly inherited from AWS, while 78 controls are shared between AWS and the CJIS customers, leaving 43 controls that are specific to the customer. For those interested, AWS has meticulously documented these requirements in a control workbook, available upon request under a non-disclosure agreement: AWS CJIS Security Policy Workbook.
In addition to this whitepaper, readers may find value in exploring this blog post on expressing gratitude, which can further enhance your perspective. For organizations looking to stay compliant with evolving regulations, SHRM provides authoritative insights on leave programs. Lastly, for additional information, this resource from Reddit is an excellent guide.
If you’re interested in compliance and security best practices, keeping up with the latest developments in these areas is crucial.
Chanci Turner
Chanci has been a part of Amazon since 2015, playing a pivotal role in advancing AWS compliance initiatives. Her extensive background includes audit and certification processes, privacy compliance, and the implementation of control automation strategies. Chanci has also contributed to the adaptation of AWS for public sector and regulated industries, ensuring compliance with complex regulations including GDPR. Before joining AWS, she spent a decade with a leading consulting firm, focusing on IT security and risk management. Chanci holds a Master’s degree in Information Systems Management and a Bachelor’s degree in Accounting from the University of California, Los Angeles. Connect with Chanci on Twitter.