Since last Spring, subscribers to NET+ AWS have had access to AWS Organizations, which provides a management framework for AWS accounts, and permits administrations to apply service control policies to various Organizational Units (OUs) within their Organization.
Late last Summer, AWS announce Control Tower, a feature native way to deploy accounts and enforce Guardrails in an AWS patterned way. This functionality was limited to deployment in a completely separate Organization, but in coordinating with a small team of schools, DLT and Internet2 devised a way to deploy Control Tower. These canary schools reported back that while Control Tower can be run, but most should hold off until Control Tower could be run natively in existing AWS Organizations. Today is that day.
Last night, AWS announce that Control Tower can now be run in existing AWS Organizations! While the participating schools are testing the functionality, it does appear Control Tower can be deployed within the OU of an existing Organization. The AWS team posted a blog post with additional details here: https://aws.amazon.com/blogs/field-notes/enroll-existing-aws-accounts-into-aws-control-tower/. If you are a NET+ AWS schools who has deployed an AWS Organization, you should be able to test out the functionality today. We would highly encourage you attend the bi-weekly AWS Orgs and Control Tower call to trade notes with your colleagues and share the pitfalls. We have also on more than one occasion found a bug that collided with common higher ed deployment patterns that needed to be reported back to AWS Engineering.
If you would like to attend the call, or request an AWS Organization for your university, please reach out!
More details on the Virtual Series, and a link to register can be found on the main Internet2 blog here: https://www.internet2.edu/blogs/detail/17618
Sessions will cover a wide variety of topics, including:
- Security in GCP, featuring an overview of GCP security from a Google expert
- Managing identity and billing in GCP, and GCP’s relationship with GSuite
- Network integration for GCP, featuring Internet2 network experts
- Some examples of real-life campus use of GCP from program participants
- How you can participate in the NET+ GCP community of practice
The following email was shared earlier today:
NET+ Zoom Subscribers,
We want to invite you and others at your institution to join a Zoom Higher Education Community Call on Security and Privacy, which is coordinated by Internet2 and hosted by Zoom. The call will take place on Tuesday April 14th at 1:30 EST / 10:30am PST for 1 hour. The call-in and registration details can be found at:
https://success.zoom.us/webinar/register/WN_PyCkP0lCSAWeac3E00A5hA
There has been considerable discussion around Zoom security and privacy in higher education and the worldwide community. Several members of the Zoom team will provide a brief update on what Zoom is doing to address some of the security and privacy concerns. Zoom speakers include:
- Ben Grande, Head of Sales for local and state agencies and EDU
- Shawn Rolin, Head of Technology and Sales Engineering
- Lynn Haaland Head of Global Risk and Compliance
As time allows, they will also address any questions and concerns from the community. Please note that this webinar may be recorded.
To facilitate this conversation, Internet2 collected questions from various community lists and the NET+ Zoom Service Advisory Board (SAB) and reviewed and prioritized with the NET+ Zoom SAB, NET+ BPLAC, NET+ CSTACC, and the NET+ PAG.
Based on all of that community feedback, we shared the following list with Zoom: https://docs.google.com/spreadsheets/d/1oMDvN03_tYgohr327usMDoNzp0o6peV0w01vyA-paEI/edit?usp=sharing
Please let us know if you have any questions or other items for this list or about this community call. Also, Please feel free to forward this to others on your campus you think might be interested.
Thanks,
Nick Lewis Quyen Vaillant
NET+ Security and Identity NET+ Collaboration Services