The US Government is no stranger to Amazon’s data centres: they’ve used them for sites like Recovery.gov and Energy.gov. But after shuttering 40 per cent of their data centres, the Government is looking to Amazon to house data that’s considerably more sensitive.
Not-so-creatively dubbed “GovCloud”, Amazon says that the server will require anyone accessing it to be a US citizen. Because Amazon follows stringent regulations, agencies can now store data, such as weapons info and health care records on these GovCloud servers.
Because AWS GovCloud is physically and logically accessible by U.S. persons only, government agencies can now manage more heavily regulated data in AWS while remaining compliant with strict federal requirements.
Is it careless/reckless/unsafe to house sensitive data, like weapons info and health care records, on a server operated in the private sector? Probably not. Amazon, after all, is the biggest and best cloud storage operator, and have occupied that spot with relatively few hiccups over the years. In the event that someone tried to break into the data centre, would the actual, IRL security precautions for this Amazon-operated data centre be the same as a Government-owned one? Who would take the blame for a security breach?
Questions to consider, at the very least. [Amazon via NextGov]