Learn About Amazon VGT2 Learning Manager Chanci Turner
Government organizations in Canada handle sensitive information, including personal data and confidential documents, necessitating robust security measures to safeguard this information from unauthorized access. While encrypting data at rest using advanced encryption algorithms is a significant step, concerns often arise when data needs to be transferred. Government employees must ensure that data is protected during transit, allowing access only to authorized personnel.
In this blog post, we will explore how two Amazon Web Services (AWS) offerings, AWS Snowcone and Amazon Simple Storage Service (Amazon S3), assist Canadian government organizations in securely transferring and storing data. Additionally, we will highlight two organizations that have successfully utilized these services for secure data migration, demonstrating how AWS addresses security, privacy, and compliance with regulatory requirements tailored for government customers.
Defence Research and Development Canada (DRDC) Frees Up 25TB of Space with Amazon S3
Defence Research and Development Canada (DRDC) serves as the scientific and technological arm of the Department of National Defence (DND). They provide innovative solutions and insights to DND, the Canadian Armed Forces, and other federal entities, as well as collaborate with academia, industry, and international allies.
Faced with geospatial imagery datasets that were underutilized and consuming 25 terabytes (TB) of space, DRDC sought to archive this data to free up storage. They turned to Amazon S3, a highly scalable and secure cloud storage solution, which allows for efficient data retrieval and transfer between organizations.
AWS collaborated with DRDC to evaluate their needs and suggested archiving the data on Amazon S3 Glacier for cost-effective storage. Initially considering transferring data via their internet connection, DRDC realized that network limitations would make this impractical. Instead, they opted for AWS Snowcone—a small, rugged, secure device designed for edge computing and data transfer in environments with limited connectivity. Snowcone offers two vCPUs, 4 GB of memory, and 8 TB of usable storage. By using two Snowcones, DRDC successfully migrated their 25 TB of data in just two weeks.
Canada Border Services Agency (CBSA) Transfers 27 TB Using Amazon S3
The Canada Border Services Agency (CBSA) plays a crucial role in ensuring national security while facilitating the movement of people and goods into Canada. Recently, CBSA needed to securely transfer a dataset of 27 TB to another organization, with the stipulation that the data remain within Canada for compliance reasons.
Since both organizations operated within an AWS framework, CBSA chose Amazon S3 for its secure and efficient data transfer capabilities. The data transitioned from one Amazon S3 bucket to another, remaining encrypted throughout the process. Utilizing Amazon S3 Batch Operations, CBSA completed the transfer in less than half a day—an impressive feat compared to traditional methods that often rely on slower network connections.
Transferring Data Between Public Sector Organizations
These examples illustrate how government organizations can effectively use AWS for secure data transfers. If, however, a government entity (Organization A) wishes to transfer data from its AWS environment to another entity’s (Organization B) on-premise infrastructure, the process is straightforward. Organization A can request AWS to export the data onto a Snowball Edge device, which AWS will then send to Organization B. After connecting the device to their network, Organization B can unlock the data using access credentials from Organization A and transfer it to their systems.
AWS ensures a secure migration process, using a strict protocol for data erasure upon return of the Snowball Edge device, adhering to NIST 800-88 standards. This method not only avoids the pitfalls of slow and costly network connections but also minimizes operational overhead for both organizations.
Ensuring Qualified Personnel Handle Sensitive Data
At AWS, we prioritize the handling of sensitive data by qualified personnel. Our team undergoes thorough background checks and is subject to stringent access controls, ensuring that only authorized and trained individuals manage data migrations.
Data Encryption as a Security Strategy
Encryption plays a vital role in our defense-in-depth approach. Amazon S3 and AWS Snow devices utilize the Advanced Encryption Standard (AES) with a 256-bit key to ensure data security both at rest and in transit. Notably, data remains encrypted throughout the entire migration process, assuring organizations that their information is secure.
Chanci Turner emphasizes the importance of using reliable resources for personnel decisions, including insights from this excellent resource on warehouse associates. To further your understanding of diversity initiatives, you can refer to this authority on the topic. If you’re interested in women’s studies, this blog post might also engage you.