Cloud Archives - Tech Reformers

Category Archive :Cloud

When I was studying for my Bachelor’s Degree in Information Technology at the University of Rio Grande I had in-person classes and I recall us visiting server rooms in the college to see in person what we were learning about in class. Seeing something tangible in person can help improve engagement and understanding of the topics. This can help with cloud architecture as well.

When teaching (and learning) about concepts related to cloud computing, an area of struggle is not having that tangibility factor when we are learning about concepts such as Regions, Availability Zones, Subnets, and IP addresses as fundamentals. Learning about cloud computing concepts requires a lot of analytical processes. In my classes, we use multiple resources such as documentation, labs, blogs, podcasts, etc. I believe that even in highly analytical areas, there’s a place for creative learners who learn best via visual representation and creation.

Options for the Visual Learners

AWS documentation and labs provide schematics to give a visual aid of how VPCs provide AWS customers a segmented portion of the AWS cloud services to build in. To develop a good understanding (and not just regurgitation) of the relationship between these foundational topics I have my learners draw out the schematics using pen and paper. We go through the process of drawing out and labeling (labeling is important) the structure in the schematic. 

A great example of this can be found in AWS Educate.  The short video below describes how I have my learners spend time developing an understanding of the infrastructure they will be building in a lab assignment. If you don’t have an AWS Educate yet and aren’t sure how to start, check out our article Create an AWS Educate account in 10 Minutes.

Reviewing Schematics to Improve Understanding – Watch Video

Drawing out the infrastructure by hand is great for building cognitive skills and understanding of concepts. Using digital drawing tools can take the visual learning experience to a new level.

How to Create a Digital Drawing of Cloud Architecture

After practicing manually drawing out the schematics, I encourage my learners to check out digital platforms such as Figma to draw out the schematics using AWS icons to build cloud architectures. There are a variety of other platforms that learners can select from at AWS Architecture Icons

The advantages of utilizing these digital platforms go beyond understanding the virtual infrastructure. In addition to developing and improving cognitive, using these platforms can provide the following benefits:

  1. Familiarity with the icons when they are not labeled. Larger infrastructure maps may not label all services.
  2. Creating layouts that can be used in presentations when communicating with others.
  3. A creative outlet to build use cases of services on services (sample shown below)
Sketch of CloudWatch alarm using SNS to send messages to subscribers. Created using Figma.

If you are new to cloud architecture, I recommend spending a little time before the lab reviewing the schematic (if provided). Review it, draw it out, label it, and build connections and relationships in the services. Pen and paper are great to start with, then challenge yourself by creating a use-case scenario and using Figma (or a similar service) to create a diagram using appropriate services.

Tasha Penwell photo. She write about cloud and Artificial Intelligence.

Tasha Penwell is an AWS Educator, Authorized Instructor, and a Certified Solutions Architect. She is also a subject matter expert (SME) in web development, cloud security, and cloud computing. As a speaker, she talks about AWS education and AR technologies.

Cloud computing is quickly becoming one of the most in-demand skills in today’s workplace. While this may not be a surprise, you may be surprised to learn that one of the reasons for the demand is the versatility of the skills related to cloud computing and all the facets it touches. 

Four in-demand roles that can utilize cloud computing experience are project managers, financial managers, legal assistants, and top executives like chief information officers. According to the U.S. Bureau of Labor Statistics, these careers are growing on their own merit. Adding AWS skills and certifications can add versatility and additional opportunities for these career paths.

Two women discussing business goals.

1. Project Managers

Cloud Project Managers are responsible for identifying the goals and ensuring the scope is defined and controlled based on the client’s needs. Even if the PM is not directly involved with the development, understanding the different resources and use cases can help manage the assignment of activities, data collection, and what resources and dependencies are needed. Being knowledgeable about cloud computing fundamentals can help create a plan to develop specific availability and disaster recovery plans.

In addition to understanding the resources to deliver high availability and disaster recovery solutions, AWS’s Cloud Adoption Framework (CAF) can help project managers have more effective conversations with individual stakeholders in the project. 

Project Management Specialist Median Pay$94,500 annually
Job outlook for Project Management Specialist7% (as faster as average)

2. Financial Manager

Cloud Financial Managers need to understand the financial impact decisions related to decisions on what services to use, how to maintain a high availability, and appropriate disaster recovery plans. Financial managers need to understand that despite offloading the management of the infrastructure and some services to AWS, there are costs associated with maintaining and training personnel. 

Financial managers will spend a large amount of their time viewing the budget tools and cost exploration tools to identify any resources that are created but not effectively managed or left running accidentally.

Cloud financial management is part of the Governance perspective in AWS’s Cloud Adoption Framework. The focus is planning, measuring, and optimizing cloud spending and taking advantage of the agility and ability to dispose of services based on needs. Understanding cloud fundamentals can also help lead conversations with stakeholders including the Chief Financial Officer. 

Understanding services like AWS Organizations and CloudCheckr can help financial managers make recommendations to take advantage of volume discounts while maintaining the separation of accounts.

Financial Manager Median Pay$131,710 annually
Job Outlook for Financial Managers17% (much faster than average)

3. Legal Assistants

Legal assistants and paralegals can help organizations understand the requirements for managing and organizing documents and data needed for an organization. Cloud computing can be used to store documents, while data solutions and analytic tools can be used for case management. In addition to being able to use cloud technologies, legal assistants can provide some insights on laws and governance that need to be maintained based on regional laws and industry compliance. Understanding these laws can help with maintaining the appropriate data lifecycle policy and data destruction processes.

Paralegals and Legal Assistants Median pay$56,230 annually
Job Outlook for Paralegals and Legals Assistants14% (much faster than average)

4. Chief Information Officers

Chief Information Officers (CIO’s) can help an organization meet its goals based on technology choices. While CIO’s are considered top executives and may not have as much of a hands-on role as other tech managers, having an understanding of services used, cost-optimization strategies, and identifying how microservice models can help improve organizational processes. Providing organizational agility and flexibility and developing a strategy to perform a root cause analysis can help with aligning with the CAF’s Operations Perspective

Computer and Information Systems Manager Median Pay$159,010 annually
Job Outlook for Computer and Information Systems Manager16% (much faster than average)

Tech Reformers provides training to help individuals with different backgrounds and career paths to learn how to effectively use AWS cloud technology. Program graduates can take the skills learned from the program to provide better value to their clients and meet professional goals.

Learn more about the different training opportunities at our AWS Training Overview, which includes options for instructor-led training or digital self-paced training.

Tasha Penwell photo. She write about cloud and Artificial Intelligence.

Tasha Penwell is an AWS Educator, Authorized Instructor, and a Certified Solutions Architect. She is also a subject matter expert (SME) in web development, cloud security, and cloud computing. As a speaker, she talks about AWS education and AR technologies.

When wrapping up a course on cloud computing we spend some time discussing how to prepare for the interview. I think we can all agree that interviews can be stressful experiences. We freeze up on questions or are so concerned about having an answer that we do not hear the question entirely. A big part of an interview is preparation. This goes beyond researching the company and role but also utilizing the STAR technique. 

Photo by Edmond Dantès:

STAR is an acronym for Situation, Task, Action, and Result and can provide guidance on how to rehearse a response so that you are able to answer questions clearly and confidently. Utilizing this technique can help the interviewer better identify what experiences you bring with you. 

With the STAR technique, you will create a story that shows a clear conflict and resolution that focuses specifically on your contribution.

The breakdown of STAR technique is as follows:


Describe the story or situation. Be careful to not tell a novel. Share two to three important details relevant. This situation can be from a previous employer, volunteer project, sports team, or a project when you were in school. 


Describe what your responsibility and role were during this situation. Teamwork is important and this can be mentioned as part of the Situation, but you want to highlight your specific role. Select one or two points to share that are relevant to the action and result.


Explain what you did. Many times, using pronouns such as “we”, “us”, and “our” can be beneficial to emphasize teamwork but this is not one of those times. The interviewer wants to hear about what your responsibilities were and the actions you took. Be careful to avoid blame on team members if an outcome is unfavorable. You can address any complications and how you handled them. Spend some more time on this section describing what you did.


What was the outcome? This is something you want to explain whether it was positive or negative. Select two to three points to share regarding the result and, most importantly, what you learned from them. Whether the end result is positive or negative, there is almost always a learning opportunity that can be associated with it. This can be a process improvement, identifying problem indicators early on, or maybe an improvement of a hard skill such as using Amazon S3 or AWS Lambda

Photo by George Milton:

Spend some time coming up with two to three scenarios based on your past experiences that are relevant to the role you are applying for. For each scenario, create a storyline using the STAR method with most of the details and time spent on the Action and Result steps. The Situation and Task steps should build up to those final two steps. 

Google’s Interview Warmup

Google released this AI-enabled tool in June 2022 to help professionals gain confidence and practice interview techniques. Google’s Interview Warmup tool will transcribe answers that you type or speak into. This tool was created to align with Google’s short-term certifications but it can be used by anyone. 

To get started with this tool.

  1. Go to 
  2. Choose from one of the provided fields (Data Analytics, E-Commerce, IT Support, Project Management, UX Design, General)
  3. Google Interview Warmup will present five questions based on the field you selected. The questions can be based on your background, situational experiences, or technical skills. Below you will see some of the questions for the IT Support field.

With Interview Warmup, your answers are transcribed in real-time so you can review what you said. You’ll also see insights as patterns detected by machine learning that can help you discover things about your answers, like the job-related terms you use and the words you say most often. It can even highlight the different talking points you cover in each answer, so you can see how much time you spend talking about areas like your experience, skills, and goals. Your responses aren’t graded or judged and you can answer questions as many times as you want. It’s your own private space to practice, prepare and get comfortable.

Google Interview Warmup
Interview Warmup Options

Google Interview Warmup Interview Questions

Questions are based on background, situational experiences or technical skills

Leadership Skills

In addition to spending time using the STAR method and interview skills, it can be beneficial to research various leadership principles. 

Amazon has 16 leadership principles. They are discussed in more detail on the Leadership Principles page but below is the list of the 16 principles.

  1. Customer obsession
  2. Ownership
  3. Invent and simplify
  4. Are right, a lot
  5. Learn and be curious
  6. Hire and develop the best
  7. Invest in the highest standards
  8. Think big
  9. Bias for action
  10. Frugality
  11. Earn trust
  12. Dive deep
  13. Have backbone; disagree and commit
  14. Deliver results
  15. Strive to be the Earth’s best employer
  16. Success and scale bring broad responsibility 

In class, we spend time covering these leadership principles from Amazon. I open up the floor for the learners to share any organizations or individual leadership principles they admire and try to adopt as their own. For me, I add my own from Richard Branson, and Steve Jobs and end with a favorite quote of mine from Marissa Mayer I always did something I was a little not ready to do. I think that’s how you grow. When there’s that moment of “Wow, I’m not really sure I can do this, “ and you push through those moments, that’s when you have a breakthrough.

Marissa Mayer

I have this quote in my office and whenever I face a new challenge I think of this quote and encourage my learners to do the same as they start their new careers in cloud computing because sometimes you just have to trust the process and experience those breakthroughs. Check out Tech Reformers openings.

Tasha Penwell photo. She write about cloud and Artificial Intelligence.

Tasha Penwell is an AWS Educator, Authorized Instructor, and a Certified Solutions Architect. She is also a subject matter expert (SME) in web development, cloud security, and cloud computing. As a speaker, she talks about AWS education and AR technologies.

We want to welcome and congratulate Tasha Penwell for recently earning her AWS Authorized Instructor (AAI) Certification. The AAI Program is a global program that supports instructors authorized to deliver the AWS curriculum. 

Who is Tasha Penwell?

Tasha Penwell is one of the newest Tech Reformers instructors and brings with her several years of experience as an educator. Tasha brings to Tech Reformers over 8 years of experience as a higher ed instructors teaching classes ranging from web development, data analytics, and cloud computing. She lives in Southeast Ohio with her husband and son. She loves to travel and hosts computer science workshops at her local high schools to introduce exciting new concepts such as augmented reality, AI/ML, and NLP (natural language processing). Her experience was made evident in her feedback from AWS after the three-day process which tested not only her knowledge of AWS services but also her skills as an educator. 

The feedback Tasha received showed her background as an educator and her use of tools such as Figma to help build visuals and to provide communication and explanation on specific AWS services such as the global infrastructure that supports AWS to specific services such as DynamoDB, API Gateway, and Lambda

Tasha was also recognized for her ability to go the extra mile to follow up with learners who had questions that were not answered or explained fully during her 20-minute presentations. She went above and beyond by providing not only supplemental links but using Loom to record her review of the links and resources she shared to ensure that the learners had the information they needed.

Additional Facts about Tasha Penwell

  • Led the creation of one of the first AWS Academies in the state of Ohio
  • Inaugural AWS Educate Cloud Ambassador
  • She’s a frequent blogger for us sharing great resources and tips
  • She is an Associate Solutions Architect
  • Her areas of interest are cloud security, AI/ML, and augmented reality
  • She is a Snapchat Lens developer and is presenting at Stir Trek in May

You can find one of Tasha’s recent articles about AWS Educate and other services below. If you haven’t checked out AWS Educate yet, we’d highly recommend checking those out. If you have questions about AWS Educate or her Computer Science Workshops, you can email her at

Tasha will be teaching virtual classes in July 2023. Sign up here to receive an email and register for her next class!

ChatGPT and generative AI is having a significant impact on multiple industries and how people are learning. Generative AI is a subset of machine learning. Machine learning models power ChatGPT and include large learning models (LLMs) and multi-modal models that can include text, images, video, and audio.

Artificial Intelligence in action on a laptop
Photo by Matheus Bertelli:

To begin, note that Artificial intelligence (AI) is nothing new with Amazon Web Services. Examples of AI/ML models include Alexa, Amazon’s Just Walk Out, and Amazon Prime. Tech Reformers uses AI/ML in its document processing solution. OpenAI released ChatGPT to the public in November 2022. Within two months, it reached 100 million monthly active users. Researchers and those working on Neural Linguistic Programming (NLP) projects use ChatGPT. In sum, AI can be used for different tasks and is well-trained on data from textbooks, articles, and websites.

What is Amazon Bedrock

Natural-language processing has been around for a while at AWS. Years ago, AWS introduced Amazon Comprehend, an NLP service that uses machine learning to find insights and connections in text. Just recently, Amazon launched Amazon Bedrock in its AI/ML services. Amazon Bedrock is an easy way to build and scale generative Artificial Intelligence applications with foundation models (FMs). Foundation models are AI neural networks that are trained on raw data and can be adapted to accomplish a wide range of tasks. Bedrock provides the flexibility to choose from a wide range of foundational models built by AI startups and Amazon itself. Therefore, this allows Bedrock customers to select the best model for their needs and goals.

In true cloud computing fashion, Bedrock is a serverless service. Accordingly, it can allow customers to get started quickly. They can customize foundation models with their own data, and integrate them into applications. In short, all this can be done without having to manage any of the infrastructure.

The foundation models that Bedrock supports are Jurassic-2, Claude, Stable Diffusion, and Amazon Titan. Data scientists train Amazon Titan FMs on large datasets. Ultimately, this makes them powerful, general-purpose models that can be used as-is or by customers privately with their own data.

Use cases for Amazon Bedrock are:

  • Text generation
  • Chatbots
  • Search
  • Text Summarization
  • Image generation
  • Personalization

To sign up for this new service, complete this short form at

Tasha Penwell photo. She write about cloud and Artificial Intelligence.

Tasha Penwell is an AWS Educator, Authorized Instructor, and a Certified Solutions Architect. She is also a subject matter expert (SME) in web development, cloud security, and cloud computing. As a speaker, she talks about AWS education and AR technologies.

In 2022, AWS Educate transitioned from a platform for high school and college students to one open to anyone. It allows individuals who are beginning their cloud careers to learn cloud computing skills at their own pace for free. You can learn more about AWS Educate in our article How Can AWS Educate Help Me Start My Cloud Career?

Creating an AWS Educate is free and relatively simple but sometimes, learners in my classes do not receive the email to finish creating the account. In this article, I’ll walk you step-by-step through how to create an AWS Educate account so you can start learning in a lab environment in 10 minutes or less. 

Follow the steps provided below or watch the video to create your free AWS Educate, complete with training, labs, and earning digital badges. 

Create an AWS Educate Account in 7 Steps

AWS Educate registration form
  1. Go to 
  2. Click on the Register Now button
  3. Complete the short form
  4. You will receive an email to Verify Your Email. (Check your spam if you don’t see it) You will go to a page confirming your email was verified.
  5. Go back to, but this time click on Sign in to AWS Educate.
  6. Enter the email you used to sign-up and click “Forgot Password”. This will trigger a password reset.
  7. You will receive an email to reset your password. Follow the steps and create a new password.

You’re in! Explore the courses and labs.


How to Create Your Free AWS Educate Account – Watch Video

Not sure where to begin? My recommended training plan if you are new to AWS cloud computing is

  • Introduction to Cloud 101 (Labs)
  • Getting Started with Storage (Lab)
  • Getting Started with Cloud Operations (Lab)
Introduction to Cloud 101 (Labs)
Getting Started with Storage (Lab)
Getting Started with Cloud Operations (Lab)
Tasha Penwell photo. She write about cloud and Artificial Intelligence.

Tasha Penwell is an AWS Educator, Authorized Instructor, and a Certified Solutions Architect. She is also a subject matter expert (SME) in web development, cloud security, and cloud computing. As a speaker, she talks about AWS education and AR technologies.

Zero Trust logo with lock (decorative)

There has been a lot of talk about Zero Trust, so let me try to give an overview. I’ll finish up with an example from iboss and a deep dive from AWS. First, think of it more as a methodology and not a new product category. It is a cybersecurity approach that has gained attention for its ability to prevent data breaches. It is not just for enterprise or commercial use. Educational institutions, both in K-12 and higher education, and the public sector find value in implementation as well. It’s built on the principle of “never trust, always verify” (NOT: trust, but verify). Zero Trust aims to protect digital environments by leveraging the cloud. It rethinks how we implement identity and access management and network security. Capabilities include inspection, network segmentation, preventing lateral movement, providing threat prevention, and simplifying granular user-access control.


It was also born out of the need to think beyond just protecting the perimeter with a firewall because trusting everyone inside the firewall was not working. Also, more resources are outside the firewall (i.e. in the cloud) and more users aren’t behind the firewall (i.e. at home or Starbucks). The approach uses information derived from Identity, Credential, and Access Management (ICAM) systems. ICAM consistently verifies all users, devices, applications, and data based on context and user activity. Have you had a website that you use a lot reverify you because you’re not in your usual place? That’s Zero Trust at work.

“Zero trust is a way of thinking, not a specific technology or architecture,” says Gartner Distinguished VP Analyst Neil MacDonald. “It’s really about zero implicit trust, as that’s what we want to get rid of.”



Zero Trust Network Access (ZTNA) extends this strategy. ZTNA provides remote access to applications and services based on defined access control policies. Policies combine role-based, granular, encrypted access controls with post-connect threat monitoring. It involves micro-segmentation of the network (micro perimeters).

Existing infrastructure and technology work for Zero Trust. There are no specific products! Rather it’s an integral part of a complete modern cybersecurity architecture. The approach enables complete end-to-end visibility and rich policy-based controls to mitigate even the most sophisticated threats.

Zero Trust Principles from Gartner: Verify explicitly, Use least privileged access, and Assume Breach
Zero Trust Principles from Gartner

Don’t Do It Yourself

Leading solution providers now incorporate the tenets of ZTNA. Comprehensive, end-to-end platform architectures to address even more use cases come from a single vendor or a mix of “best of breed” suppliers. This approach offers educational institutions and the public sector several advantages. Context-based access encompasses all users, all devices, all applications, and all workloads. Zero Trust provides uncompromising security by continuously examining all content to prevent both known and unknown malicious activity in real-time.

Furthermore, it enables global and consistent access security everywhere, regardless of the location of a user, device, or application. This is best achieved through physical, virtual, and cloud-native firewalls that leverage artificial intelligence and machine learning to enable context-based access on-premises, in the cloud, in remote work environments, or across campuses. Simply put, all traffic, whether to or from campus, the office, home, or, say, a cafe, goes through a cloud firewall and a series of checks.

Example: iboss Secure Access Service Edge (SASE)

The iboss Zero Trust SASE allows all protected resources within an organization to be labeled and categorized, including Security Objectives and Impact Levels. This provides organizations with a clear understanding of where sensitive applications and data reside while providing insight into what users and assets are interacting with those protected resources. The iboss Service follows the NIST Risk Management Framework (RMF) and implements tenets from the NIST 800-207 Zero Trust Architecture Special Publication.

iboss zero trust edge diagram with network connections going through the iboss cloud.


cloud icon

Overall, Zero Trust represents a convergence of secure network transport with a cloud-native security stack that includes components such as ZTNA, Secure Access Service Edge (SASE), Cloud Access Security Broker (CASB), Secure Web Gateway, Firewall-as-a-Service), Software-Defined Wide Area Network (SD-WAN), and micro-segmentation. But don’t think of it as a “rip and replace“, but an additive approach to what you’re already doing.

Deep Dive: What is Zero Trust on AWS

AWS describes Zero Trust as a security model that emphasizes strong identity verification and authorization rules before granting access to data, applications, and systems.

AWS definition of Zero Trust
AWS definition of Zero Trust

Zero Trust is not solely based on network location and operates within highly flexible identity-aware networks, which reduce surface area and eliminate unneeded pathways to data. AWS provides several identity and networking services that can be used as building blocks for implementing Zero Trust. To move towards Zero Trust, AWS says, evaluate the workload portfolio and apply Zero Trust concepts, such as rethinking identity, authentication, and context indicators.

AWS, itself, implements Zero Trust in interesting ways. When using the console every API (application programming interface) call is authenticated. Also, when using services in an account, the services do not automatically have access to other services. You must set up a role that is authenticated when that service is instantiated and every call it maqkes. Security Groups and Network Access Control Lists are another way AWS implements Zero Trust. They can limit traffic north-south and east-west. Remember, Zero Trust is a process and architecture, not a product.

To dive deeply read Zero Trust architectures: An AWS perspective and watch the re:Invent session Zero Trust: Enough talk, let’s build better security.

video thumbnail for AWS re:Invent talk "Zero Trust: Enough talk, let's build better security"

By adopting a Zero Trust approach, educational institutions and the public sector can strengthen their cybersecurity posture and better protect themselves against the ever-evolving threat landscape. Tech Reformers is a consultancy focused on education and the public sector that can help assess your needs.

Download image for NIST zero trust

Download the full NIST publication on Zero Trust

Cloud computing is one of the fastest-growing tech industries in today’s job market. Synergy Research Group reported AWS still continues to hold steady as the market leader in cloud computing services. These services are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and private cloud models.

Cloud Infrastructure Services Market

As an AWS Educator, I often try to prepare my learners that learning cloud computing skills is not a “one-and-done” learning experience. In fact, as I go through the orientation of resources and expectations, I ask my class to raise their hand if they are a lifelong learner. If they don’t raise their hand – they are in the wrong class and need to reconsider their career choice. Thankfully, the response is typically one where they all raise their hands and affirm they are in the class to start their learning journey with the cloud – but not end it there. 

Lifelong learning is where you take personal responsibility for your own continued education. As my sons decided what their subsequent paths would be after high school, I reminded them that it is up to them to go beyond what they learn in the classroom. I was a college instructor for eight years. I understand the challenges of what can be taught in the classroom. This is especially true in rapidly growing fields like technology. There are limits to time and resources that require learners to take more responsibility for their own educational experiences outside the classroom. A mentality to embrace lifelong learning is not optional in today’s day and age. 

AWS, not surprisingly, is well aware of the need for opportunities to help these lifelong learners. AWS is educating as many people as possible to become AWS cloud professionals. That is why resources such as AWS Skillbuilder and AWS Educate exist. 

What is AWS Educate?

AWS Educate was formed in 2015. The goal was to provide resources and hands-on lab experiences to high school and college students who wouldn’t have had access to the lab experiences otherwise. Initially, it was limited to individuals 13 and older who were in high school or college. This limited access required an application and verification process. 

In March 2022, AWS announced that AWS Education was going to be accessible to the general public, which I was thrilled to see. This expansion has allowed me to include this as a supplemental resource when teaching AWS Academy or AWS re/Start courses. AWS Educate continues to provide resources to help learners get started on their cloud journey without providing a credit card as you would need to with an AWS account. (It is important to note that the labs in AWS Educate are temporarily provisioned, which means work is lost and resources are terminated.) 

What are the Benefits of AWS Educate?

In addition to the coursework and hands-on lab experiences, AWS Educate also provides the following benefits:

  • Learners can explore recommended courses based on seven different topics: Analytics, Cloud Computing, Development, Machine Learning & AI, Network & Infrastructure, Professional Skills, Security
  • Learners can choose at what level they want to learn: Foundational, Intermediate, or Advanced
  • Learners only need an email address to begin using the AWS Management Console. 
  • An Explore option on the homepage features supplementary content, such as new courses, Twitch videos, blogs, and white papers.
  • Learners will be able to access a job board for AWS Educate learners

What are AWS Educate Badges?

One of my favorite features that I encourage my learners to utilize to start building their professional profile today is the badge opportunities. AWS Educate badges are not a new concept for the platform. They had them when it was exclusive for high schools and colleges, and I had many students who were motivated to go beyond the assignment simply because they wanted to collect the badges. This was when the Pokemon “gotta catch them all” game was popular, and they compared it to the same motivation. 

In 2022, when AWS Educate became offered as a public learning resource and not limited to targeted demographics of 14 – 24, the platform adopted a new look – which is what we see today. With the new look have come new badges to showcase. 

AWS Educate has seven different courses that, after successful completion, will award the learner with a badge to share this accomplishment on platforms like LinkedIn or with your current employer as evidence that you are focused and investing in your own education to grow in your career. 

The labs and badges available are diverse and include the following:

  • Getting Started with Databases
  • Getting Started with Cloud Operations
  • Getting Started with Networking
  • Getting Started with Compute
  • Getting Started with Storage
    • AWS DeepRacer Primer
  • Introduction to Cloud 101

You can see from the above list that the fundamentals of AWS cloud computing (Databases, Networking, Compute, and Storage) are provided. These are also specific lesson modules in AWS Academy’s Cloud Foundations course to prepare learners for their AWS Cloud Practitioner certification. To provide a more well-rounded educational experience and additional learning opportunities, I assign these labs to complete and encourage them to share their badges on their social media platforms (specifically LinkedIn and Twitter) and, if appropriate, provide a copy of the badge verification to their human resources departments and supervisor. 

While the ultimate goal is to prepare and earn their AWS Cloud Practitioner certification, smaller achievements along the way can help continue to motivate the learner to continue on their journey. Motivation tactics such as these badges can help propel the learners to continue on their journey as things get more challenging (because they do) when learning about the AWeSome world of AWS. 

Tasha Penwell is an AWS Educator and a Certified Solutions Architect. She is also a subject matter expert (SME) in web development, cloud security, and cloud computing. As a speaker, she talks about AWS education and AR technologies.

AWS logo

As an AWS partner, Tech Reformers, strives to help K-12 districts and those who work with them to innovate with the cloud. The goal is innovation while improving information technology (IT) in six areas: operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability, The 6 Pillars of the AWS Well-Architected Framework. The Cloud Enablement Engine (CEE) is a guiding process bringing together the business and technology teams and, in education, the instructional team. The goal is a digital transformation moving from an on-premises operating model to a Cloud Operating Model (COM) to achieve district goals.

Once dubbed a “Cloud Center of Excellence,” Philip Potloff, the Head of Enterprise Strategy at AWS, describes it in Challenging Conventional Wisdom About How to Build a Cloud Center of Excellence as

“a multi-disciplinary team that is assembled to implement the governance, best practices, training, and architecture needed for cloud adoption in a manner that provides repeatable patterns for the larger enterprise to follow.”

He cites research and experience that shows the best team is not a well-honed IT team, a successful project team, or an egalitarian mix of staff. Transformation enterprisewide is more likely when there is a mix of “A-team” players with success in IT and project management working with “new blood” that brings in a supply of new ideas relevant to the district.

The team must have top-down support from an influential executive sponsor. In school districts, this would be the superintendent or other cabinet leader. A key pattern for success is to have not just an executive sponsor but an Executive Cloud Steering Committee that includes senior executives that are not on the CEE. They serve as the North Star and ensure the CEE is in support of district strategy and goals.

The CEE is ready to go upon completion of the 5 kick-off activities:

  • Build the team
  • Train and coach
  • Pilot projects
  • Architect for the cloud
  • Operate in the cloud.

Build the Team

The initial team member may be the CIO, CTO, or director in IT with hands-on experience that knows the capabilities of AWS but also has the political capital to bring in business leaders aboard with the CEE. With other leaders on board, the goal is to build a ‘two-pizza” team, small enough to share a couple of pizzas. To start, less is more. Technology is the team focus initially. Some successful organizations have also had a larger cross-functional Cloud Steering Committee that ensures progress, removes roadblocks, and helps with decision-making that affects the organization.

Train and Coach

Initial members beyond the leader may include infrastructure, networking, and operations which will be cloud leaders. Core member training is the next step. Creating learning paths and training in cooperation with Human Resources creates a process for extending cloud adoption. The CCE team leverages the AWS Well-Architected framework and will become familiar with AWS reference architectures, AWS Quick Starts, and AWS Solutions. Successful CEE implementations include AWS training for the entire organization. At AWS, for example, every employee becomes a Certified Cloud Practioner. Districts could have a Cloud 101 that covers the core of transforming with the Cloud.

IT probably has an existing Project Management Office (PMO) or project management team. This team is critical to the success of the CEE. They are closely aligned with the business verticles and should be armed with agile project management skills. Now a Cloud PMO, the team can create a manifesto to guide decision-making for project onboarding, process changes, role definitions, organizational changes, cloud architecture, and cultural change. Communication skills are the key to bringing the organization along the cloud journey.

Pilot Projects

The CEE then develops pilot projects in a lab environment. It’s important to keep the sponsor and senior leadership engaged in the progress and aware of the pilot projects. What pilot may have an impact beyond the IT team? Identify pilots that could improve the business, have the potential to save money, would increase reliability, or can deliver on a business need.

Architect for the Cloud

Before going live with AWS, it’s important to architect the AWS environment for the enterprise. AWS must be integrated into the fabric of the technology environment. Plan on using Organizations or Control Tower. Build a multi-account architecture with unified security controls, centralized billing, and governance. Integrate with an existing Identity Provider like Active Directory to provide familiar login credentials and account management.

Operate in the Cloud

The Well-Architected pillar, Operational Excellence, focuses on people, not technology. The CEE should develop a Cloud Operating Model (COM). The COM may include infrastructure as code, code repositories and version control, monitoring, alerting, notifications and reporting, escalation policies, financial tracking and auditing, service deployment policies, and examination of opportunities for agile practices. This is important even if your district has few or no custom applications. The “Super Power” of the cloud is automation. So, even compute, storage, databases, and Commercial Off-The-Shelf Software (COTS Software) can all be deployed by code using, for example, Cloud Formation Templates and user data scripts.

With the 5 kick-off activities complete, the CEE moves into production and continuous improvement.

Kickoff and Continuous Improvement

With guidance from the executive sponsor, steering committee, and stakeholders, the CEE delivers early value. Like the pilots, identify projects to improve the business to save money, to increase reliability, or to deliver on a business need. An IT focus with financial and reliability benefits might be to move from tape or local disk backup to backup to Amazon S3. A project for educators may be to deploy Amazon AppStream 2.0 to enable Career and Technical Education (CTE) students to use high-end applications on any device. Or is there an application from the AWS Marketplace that could fit the need for, say, HR?

Striving for continuous improvement builds on early successes. Perform AWS Well-Architected Reviews on the new workloads and on potential legacy data center workloads. This builds the capacity of the team while driving the CEE forward. Organization-wide improvement can be achieved by leveraging early adopters to help others. A Community of Practice identifies and shares best practices not just to IT but to business units and other stakeholders.

Cloud Adoption is a journey, and the Cloud Enablement Engine: A Practical Guide provides prescriptive guidance. Following the CEE will enable a district to transform and innovate with the cloud. Additionally, information technology (IT) will improve in six areas: operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability.

Recently K12 Security Information Exchange (K12 Six) released its annual State of K-12 Cybersecurity, Year in Review. K12 Six has been tracking cybersecurity incidents in K-12 for several years and has been attracting a following among school district Information Technology (IT) leaders. They are perhaps best known for their heat map which is a visualization of publicly disclosed school cyber incidents from 2016 to now. Besides the map and this research, they are an information exchange where IT leaders can learn from each other, leaders in the cybersecurity field, and cybersecurity vendors.

cover of The State of K-12 Cybersecurity: Year in Review
2022 Annual Report that show cyber incidents in K-12

The definitive annual report series on cyber incidents affecting U.S. public elementary and secondary (K12) education institutions. Based on a data source that the U.S. Government Accountability Office (GAO) found to be the “most complete resource that tracks K-12 cybersecurity incidents, including student data breaches.”

U.S. Government Accountability Office (GAO)
Number of Publicly-Dislclosed K-12 Cyber Incidents by Incident Type 2016-2021. Data steadily rising for data breach, ransomware, BEC, DDOS, Invasion, and other to total about 1300 cybersecurity incidents.
K12 Six The State of K-12 Cybersecurity 2022 Annual Report

The report itself tells us what we already know: there is a growing number of cybersecurity incidents in school districts. But, it provides specific numbers, categories, and examples that drive home the problem. Note that K12 Six reports that the reporting is not what it should be. Based on anecdotal evidence, incidents occurred perhaps 10 to 20 times more often than reported.

2021 was Unique

2021 had some unique variables that may have caused the increase. With the pandemic and remote learning, a new cyber incident became evident. Dubbed “zoombombing” or class invasion, these incidents rocked the virtual classrooms of the United States. Vendors and users implemented technical and operational controls respectively to blunt this threat. Luckily, learning from mistakes and the return to the classroom should diminish this threat.

Also, 2021 became the year school districts became more aware of the need for and requirements of cyber insurance. While many school districts had insurance, they did not meet the stricter requirements of their insurer. Insurance companies got slammed over the previous years with the rise of ransomware, and now were enforcing a set of requirements on districts to keep their policies in force. With both the increased media attention to cyber incidents and the new insurance requirements, district leaders and board members, not just IT or Risk Management, began to focus on cybersecurity. So 2021 wasn’t all bad!

Ransomware – #1 Cyber Incident

Of all the cybersecurity incidents, the top incidents were ransomware, data breaches, and class meeting invasions. Ransomware, for the first time, is the top threat. In 2021 62 K-12 districts across 24 different states reported ransomware cybersecurity incidents. 2021 was the third year with over 50 incidents. Unlike a data breach, ransomware often results in class cancellations, school closures, and a breakdown of district core operations.

The Baltimore Sun headline:
Ransomware attack cripples Baltimore County Public Schools. No timeline for return to class.
The Baltimore Sun headline

The report outlines striking examples that include Baltimore County (MD) Public Schools where the cost of ongoing recovery from a Ryuk ransomware attack grew to nearly $9.7 million dollars and closed school for days and limped back for weeks.

The Buffalo News headline
The Editorial Board: Ransomware attack on Buffalo schools show again the need for strong security.
The Buffalo News headline

Similarly, the Buffalo School Board approved spending nearly $9.4 million on IT consultants to respond to a ransomware attack in March 2021.

Data Breaches

Initiator of K-12 Data Breach/Leak Cyber Incidents: 2016-2021
K-12 Vendor 55%
Other / Undisclosed 24%
Staff 14%
Students 7%
K12 Six The State of K-12 Cybersecurity 2022 Annual Report

The most significant vector for student and teacher data breaches, the loss of personally identifiable information (PII), remains school district vendors and other trusted non-profit and government partners, not the districts themselves. An exception to the Family Educational Rights and Privacy Act, or FERPA, allows districts to transfer the role of a so-called “school official” allowing a district to share educational records with third parties as part of outsourcing service that it lacks the capacity to perform itself. Although allowed, districts must vet these 3rd party vendors from the large Software as a Service (SaaS) ubiquitous in Student Information Systems (SIS) and Learning Managementment Systems (LMS) to the smallest EdTech vendors.

Another significant source of K-12 data breaches is school district staff and school board members,
who inadvertently share the PII of students and/or staff in the course of their duties. Two common examples are losing an unencrypted district device or emailing a spreadsheet of data.

The other K-12 cyber incident types disclosed during 2021 as reported by K12 Six include:

  • Business Email Compromise (BEC) where district emails are spoofed or stolen to fraudulently request gift cards, W-2s, and invoice payments;
  • Class Invasions where malicious actors gain access to classes or meetings;
  • Email invasion where the district email system is breached for spamming;
  • Website and social media access where lack of controls leads to defacement or worse by a 3rd party;
  • Denial of Service (DOS) attacks to bring down systems and testing periods.

Responsibility for Cyber Incidents

The research shows where most of the incidents are occurring. Incidents per 100,000 students, which compensates for the size of the district, show that the states of Montana, North Dakota, Connecticut, Maine, and Hawaii have more than their expected share of K-12 cybersecurity issues. Larger school districts and wealthier ones appear to be at a greater risk of cybersecurity incidents than small school districts and lower-income districts. This may be because cybercriminals are targeting districts with more money and the ability to pay a ransom.

So who is responsible and why do these incidents keep occurring? K12 Six found 4 groups.

  • Teachers, administrators, and board members who have a lack of training
  • Tech-savvy students who are not monitored
  • Suppliers and vendors who are not properly vetted
  • Cybercriminals (of course) who realize that school systems are “soft targets”

Key Finding

There is a lot of great information in the K12 Six report that is backed up by well-researched data. While they come up with several conclusions, there is one main point that comes from the data. K-12 school districts need to implement commonsense cybersecurity controls and practices. As a district leader, you do not want to risk the money, lose productivity and class time, or get on the K12 Six K-12 Cyber Incident Map. Read the full report here: The State of K-12 Cybersecurity Report Series — K12 SIX.

Next Steps

Tech Reformes is hosting a webinar, The Ransomware Hostage Rescue Checklist: Your Step-by-Step Guide to Preventing and Surviving a Ransomware Attack. In this webinar Roger A. Grimes, KnowBe4‘s Data-Driven Defense Evangelist and security expert with over 30-years of experience will take you step-by-step through best practices for preventing ransomware attacks and a post-attack response plan. Join us May 11, 2022 11:00 am PDT, 2:00pm EDT. Don’t be a victim of the #1 cybersecurity threat in K-12.

New Webinar
The Ransomware Hostage Rescue Checklist:
Your step-by-step guide to preventing and surviving a ransomware attack. Avoid cyber incidents!
Close Bitnami banner