The URL can be used to link to this page

ITEM 5.2 Contract agreement with HAAIV OtSTI.F O MINNESOTA V DEPARTMENT INFORMATION Request for City Council Action ORIGINATING DEPARTMENT: REQUESTOR: MEETING DATE: Administration Lori Johnson, City Administrator October 13, 2014 PRESENTER(s): REVIEWED BY: ITEM #: Lori Johnson, City Administrator 5.2 AGENDA ITEM DETAILS RECOMMENDATION: Recommend approval of a Contract Agreement by and between the City of Otsego and Hakanson Anderson Associates, Inc., and Midwest CAD (Consultants) for GIS services. ARE YOU SEEKING APPROVAL OF A CONTRACT? Yes IS A PUBLIC HEARING REQUIRED? No BACKGROUND/JUSTIFICATION: During the budget work session at which the GIS budget was discussed, the Council directed staff to begin negotiations with Hakanson Anderson Associates, Inc. (HAA) to provide GIS services to the City. This decision came after a thorough selection process during which four GIS products were previewed and evaluated. The proposed contract will be a partnership of two consultants, HAA and Midwest CAD. Attached is a Contract Agreement for GIS services for Council consideration. This contract has been reviewed by City Attorney Andy MacArthur and both consultants. The Administrative Subcommittee reviewed the contract and recommends City Council approval. As the contract states, the system will be available for use by City staff on November 15, 2014. Staff training, both initial and ongoing, is included in the contract. Further, the contract explicitly states that the Consultants must have written approval from the City before any non -routine maintenance work will be completed. If Consultants perform work without proper City approval, the City may exercise its right to not pay for the work. The contract also names the City as owner of applications and forms developed by the Consultants and paid for by the City. If the Consultants want to use the City's applications or forms for any other use, City permission must be granted and reimbursement agreed upon in advance. Costs for the contract are outlined in Exhibit B. The contract is monthly and the cost is based on the number of connections/devices the City has each month. Hourly service costs will be controlled through the written approval process stated above. Both the 2014 and 2015 budgets include funding for this contract. Following City Council approval of the contract the next steps in implementing the new GIS system include GIS Subcommittee identification of implementation priorities, defining "proper City authorization" for requesting work and developing the related approval process, defining routine and non -routine work, and scheduling training. SUPPORTING DOCUMENTS: X ❑ ATTACHED ❑ NONE • City of Otsego Contract Agreement by and between the City of Otsego and Hakanson Anderson Associates, Inc., and Midwest CAD. POSSIBLE MOTION Please word motion as you would like it to appear in the minutes. Motion to approve the Contract Agreement by and between the City of Otsego and Hakanson Anderson Associates, Inc., and Midwest CAD. BUDGET INFORMATION FUNDING: BUDGETED: X ❑ YES General and Utility Funds ❑ NO ACTION TAKEN ❑ APPROVED AS REQUESTED ❑ DENIED ❑ TABLED ❑ OTHER (List changes) COMMENTS: CITY OF OTSEGO SERVICES CONTRACT AGREEMENT, made this 13th day of October, 2014, between the CITY OF OTSEGO, a Minnesota municipal corporation ("CITY') and Hakanson Anderson Associates, Inc. and Midwest CAD Solutions (the "CONSULTANTS"), 3601 Thurston Avenue, Anoka, MN 55303 and 1943 1401h Lane NE, Ham Lake, MN 55304. RECITALS WHEREAS, this Agreement provides that the CITY will contract with the CONSULTANTS to provide a geographic information system and services for projects, mapping, data input, and studies as designated by the CITY, the services provided and compensation as set forth on Exhibits A and B; and WHEREAS, the CITY wishes to retain CONSULTANTS to perform Service(s) to assist with following described project: Provide management of Otsego's GIS via a secure website portal (GIS Cloud) and initially provide 10 individual password protected access ports or mobile device connections. WHEREAS, this Agreement outlines the Service(s) to be performed by the CONSULTANTS and the approved cost of the service: NOW, THEREFORE, in consideration of the mutual agreements herein contained and intending to be legally bound hereby, the CITY and the CONSULTANTS hereby agree as follows: 1. Contract Performance. A. SERVICES TO BE PERFORMED BY CONSULTANTS The CITY City hereby retains the Consultants for the purpose of providing, advising and consulting the CITY City for the services described on Exhibit A attached hereto and made a part hereof. All requests for design of applications, forms and other non -routine maintenance of the layers must have written approval of the CITYbefore any work shall commence. Any work completed prior by CONSULTANTS prior to written approval by CITY may not be paid by the CITY. The CONSULTANTS will train CITY staff to enter data as the CITY REQUESTS and allow the CITY staff to enter and update any CITY DATA layers. GIS data, apps and forms will be contained within GIS Cloud's format. GIS Cloud is responsible to maintain the City's GIS information in a secure and redundant manner as per the description attached as Exhibit C. B. SCHEDULE OF PERFORMANCE BY CONSULTANTS The services shall be on-going at the request of the CITY City and therefore a schedule for this project is not defined except that the Otsego GIS shall be functional for staff use by November 15, 2014. CONSULTANTS shall create and implement a procedure to produce address labels from GIS property owner information on a standard printer using standard envelope labels. The procedure shall be completed prior to January 15, 2015 at no additional charge. 2. Compliance with Applicable Regulations. CONSULTANTS shall, pursuant to performance, comply with all applicable rules, regulations, statutes or ordinances of any other unit or agency of government, including but not limited to those relating to non-discrimination in hiring or labor practices, payment of all required withholding taxes, workers' compensation and unemployment compensation insurance, liability insurance, OSHA or other safety rules and regulations, construction practices, environmental practices, wetland protection measures, vehicular safety and/or weight restrictions, refuse disposal practices, and notices to employees, whether or not such rules, regulations, statutes or ordinances are set forth or adopted by reference in the Submission Requirements herein. Pursuant to Laws of Minnesota 1995, Chapter 31, if CONSULTANTS shall fail to pay any subcontractor hired by CONSULTANTS under this project within 10 days after CONSULTANTS receives payment from CITY for work for which CONSULTANTS is liable to any subcontractor, CONSULTANTS shall be liable to the subcontractor for interest on the unpaid balance, at the rate of 1.5 per cent per month. Any sub consultant aggrieved by CONSULTANTS failure to remit payment to the sub consultant shall, for the purpose of enforcement, be considered a third -parry beneficiary of this contract. However, nothing in this contract shall be deemed to impose upon CITY any duty to monitor, enforce or otherwise become involved in payments from CONSULTANTS to any sub consultant. 3. Indemnification. CONSULTANTS shall indemnify and save harmless CITY from any liability arising out of the CONSULTANTS`s failure to observe compliance with Paragraph 2 above, specifically including, without limitation, liability arising out of the improper disposal or storage of any hazardous waste by CONSULTANTS or any entity hired or used by CONSULTANTS for such disposal. 4. Warranty of Workmanship and Timely Completion. In addition to any warranty which might be a part of the Plans and Specifications/Proposal, CONSULTANTS warrants that all work completed in connection with the PROJECT shall be done in a workmanlike and timely manner in accord with applicable industry standards. Where materials are being furnished by CONSULTANTS, CONSULTANTS warrants that all materials will be of good quality and suited for the purpose for which they are intended. 5. Compliance with Statutory Requirements A. Data Practices Compliance: Consultants may have access to data collected or maintained by the City to the extent necessary to perform Consultant's obligations under this contract. Consultants agree to maintain all data obtained from the City in the same manner as the City is required under the Minnesota Government Data Practices Act, Minnesota Statutes Chapter 13. Contractor will not release or disclose the contents of data classified as not public to any person except at the written direction of the City. Consultants agrees to defend and indemnify the City from any claim, liability, damage or loss asserted against the City as a result of Consultant's failure to comply with the requirement of the Act or this contract. Upon termination of this contract, Consultants agrees to return data to the City B. Worker's Compensation CONSULTANTS shall, at the time of execution of this contract, furnish evidence satisfactory to the City that CONSULTANTS maintains or is exempt from maintaining Worker's Compensation coverage, pursuant to Minnesota Statutes Chapter 176.182. C. Income Tax Withholding Prior to the time of final payment of any amounts owing to CONSULTANTS under this agreement, CONSULTANTS shall furnish a copy of Form IC -134, certified by the Minnesota Department of Revenue, documenting that all withholding tax requirements have been observed by Consultants. D. Audit Pursuant to Minnesota Statutes Chapter 16C.05 (subd. 5), the books and records of CONSULTANTS which are relevant to the services being performed under this Contract shall be subject to inspection in accord with said statute, for a period of six years from the date of final payment hereunder. 6. Performance and Payment Security (Check One) X CONSULTANTS are not required to post any performance and payment security as a condition of this Contract by reason of the fact that the contract amount is for less than $75,000.00, and City is not requiring performance security. CONSULTANTS are required to post performance and payment security acceptable to the City, even though the contract price is less than $75,000.00. CONSULTANTS are required to post performance and payment security because the contract price is more than $75,000.00. Note: Regardless of which option above is checked, if performance and payment security is required, the security shall meet that standards outlined in Minnesota Statutes Chapter 574.26. 7. Notices Any notice which is or should be required to be given to CONSULTANTS shall be sufficient if addressed as follows, and deposited, postage prepaid, in the regular United States Mail. Notice shall be deemed to have been received on the third business day following the postmark: Hakanson Anderson Associates, Inc. 3601 Thurston Ave N. Anoka, MN 55303 8. Termination The City and Consultants shall enter into engagement with the knowledge that the agreement can be terminated at the City or Consultants' will with one month's notice. 9. Payment The City shall remit to Hakanson Anderson Associates, Inc. the amounts billed for services and the CONSULTANTS shall accept as full payment the sums described on Exhibit B attached hereto and made a part hereof assuming that the Consultants have fully complied with all of the terms of this agreement, completing all work product in a timely and compliant manner. Hakanson Anderson Associates, Inc., in accordance to section 2 above shall make timely payments to Midwest CAD Solutions for work performed. GIS Cloud is a leased web based product. As long as the City of Otsego leases the product it can continue to use any work product already completed and any work product to be completed including all the geographic data input, forms created, or applications created even if the engagement between the CONSULTANTS ceases. Any data input may be removed from the GIS Cloud and said data becomes property of CITY. Any applications or forms created and paid under this agreement for the CITY are the property of the CITY. Any use or transfer of products specifically designed for CITY to other clients, persons or entities by the CONSULTANTS must be approved by CITY. Products specifically designed for CITY include particular data, fields and controls created for CITY, but does not include generic applications contained on the GIS Cloud product. Any applications, forms and the site application itself are a leased service and are unavailable to CITY in the event that it terminates use of the GIS Cloud product.. IN WITNESS WHEREOF, the parties have executed this Agreement the date above written. CITY OF OTSEGO By: Jessica Stockamp Mayor By: Tami Loff CONSULTANT Hakanson Anderson Associates, Inc. By: Ronald J. Wagner Its: CEO CONSULTANT Midwest CAD Solutions, Inc. City Clerk By: Craig Tobias Its: CEO/President EXHIBIT A SERVICES TO BE PERFORMED BY CONSULTANT ® Host GIS on GIS Cloud, manage and provide city email access addresses for a geographic information system for the City of Otsego, (number and type of address defined in Exhibit B & subject to change by City). ® Provide 1 hour long GIS introductory classes each for: a) General b) Planning C) Utilities d) Public Works e) Parks © Provide GIS classes up to 4 hours in length. M Provide up to 100 GIGS of GIS Cloud storage. ® Provide general mapping and updating. © Provide GIS design expertise such as forms, apps, system changes or other administrative items. EXHIBIT B CONSULTANTS COMPENSATION Compensation for services shall be made on the basis of the approved rate schedule, as follows for the remainder of 2014 and all of 2015: Hakanson Anderson GIS Specialists Midwest CAD Solutions GIS Consultant Quarterly GIS Classes (2 to 4 hours) $150/class) Introductory Classes Mileage Monthly Hosting and Management of up to 10 access addresses or mobile device connections Additional access addresses or mobile device connections Provide up to 100 GIG of storage $70/hr. $75/hr. $75/hr. (min. No Charge No Charge $750/month $40/month/each $100/month EXHIBIT C GIS Cloud Infrastructure and Secu rite Cloud computing represents a significant shift in how GIS professionals and companies use and store their proprietary data. Ensuring the confidentiality, integrity, and availability of customer's data is of the utmost importance to GIS Cloud, as is maintaining trust and confidence. That is why we have built our service on top of Amazon Web Services (AWS), AWS is a highly scalable cloud computing platform with high availability and dependability, and the flexibility to enable customers to build a wide range of applications. In order to provide end-to-end security and end-to-end privacy, AWS builds services in accordance with security best practices and provides appropriate security features in those services. The servers are based in US (East Coast). GIS Cloud Data Security and Privacy Measures To ensure complete data privacy and safety we at GIS Cloud have undertaken measures to provide such environment for our users. Your files are actually safer while stored in GIS Cloud than on your computer in some cases. We use the best tools and engineering practices available to build our software and provide safe access to your data. Other GIS Cloud users or GIS Cloud employees can't see your private files in GIS Cloud unless you deliberately share your map with them and give permission to access and use the data. GIS Cloud employees are prohibited from viewing the content of files you store in your GIS Cloud account unless you allow them so in case of need for technical support or educational purposes. But that is the rare exception, not the rule. In addition, we employ a number of physical and electronic security measures to protect user information from unauthorized access: • on the server level we are using Ubuntu (Debian based) OS that we fully manage and maintain with the latest security updates - the software stack is mostly made of open source software used throughout the IT as a standard software (Apache web server, PostgreSQL DB, etc.) - system can be accessed from a browser through an encrypted SSL HTTPS connection (a standard in secure web applications) AWS Services Security and Privacy Measures Information related to AWS following in this document is transferred directly from AWS web page and as such isn't changed in any way. It answers a number of questions about AWS certifications, physical security, backups, and issues specific to Amazon S3 and Amazon EC2. http://aws.amazon.com/articles/1697 http://aws.amazon.com/securit\// Brief Overview: At a high level, the following approach has been taken to secure the AWS infrastructure: • Certifications and Accreditations. AWS has achieved ISO 27001 certification and has successfully completed multiple SAS70 Type II audits. Amazon will continue to obtain the appropriate security certifications and conduct audits to demonstrate the security of our infrastructure and services, • Physical Security. Amazon has many years of experience in designing, constructing, and operating large-scale data centers. AWS infrastructure is housed in Amazon -controlled data centers throughout the world. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers, and the data centers themselves are secured with a variety of physical barriers to prevent unauthorized access. Secure Services. Each of the services within the AWS cloud is architected to be secure and contains a number of capabilities that restrict unauthorized access or usage without sacrificing the flexibility that customers demand. Data Privacy. AWS enables users to encrypt their personal or business data within the AWS cloud and publishes backup and redundancy procedures for services so that customers can gain greater understanding of how their data flows throughout AWS. Arnazon K2 Security Group Firewall oi t Only Permit ` f V+,'el) layer .. . access o Apj3 Ldyer ---------- I..-..---, - oL_ only Per ni t App layer DBLayer i Don, 80 !HTTP) and 443 (I MS) of by/Eli LaVer open to interne; Only rot 12 (art -A) of App Jayer open to or4y developers in Corporate office netveork All odler traf,`iC tlen'red Figure 1; Securing your GIS Cloud Application within AWS Overview of Security Processes Certifications and Accreditations AWS is working with a public accounting firm to ensure continued Sarbanes Oxley (SOX) compliance and attain certifications such as recurring Statement on Auditing Standards No. 70; Service Organizations, Type II (SAS70 Type II) certification. These certifications provide outside affirmation that AWS has established adequate internal controls and that those controls are operating efficiently. AWS will continue efforts to obtain the strictest of industry certifications in order to verify its commitment to provide a secure, world- class cloud computing environment. The AWS platform also permits the deployment of solutions which meet industry -specific certification requirements. For instance, AWS customers have built HIPAA-compliant healthcare applications using S3 and other components. Physical Security Amazon has many years of experience in designing, constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and infrastructure. AWS data centers are housed in nondescript facilities, and critical facilities have extensive setback and military grade perimeter control berms as well as other natural boundary protection. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, state of the art intrusion detection systems, and other electronic means. Authorized staff must pass two -factor authentication no fewer than three times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff. Amazon only provides data center access and information to employees who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access` is immediately revoked, even if they continue to be an employee of Amazon or Amazon Web Services. All physical and electronic access to data centers by Amazon employees is logged and audited routinely. Backups Data stored in Amazon S3 is redundantly stored in multiple physical locations as a normal part of those services and at no additional charge. Data that is maintained within running instances on Amazon EC2, or within Amazon S3 is all customer data and therefore AWS does not perform backups. Amazon Elastic Compute Cloud (EC2) Security Security within Amazon EC2 is provided on multiple levels; The operating system (OS) of the host system, the virtual instance operating system or guest OS, a stateful firewall and signed API calls. Each of these items builds on the capabilities of the others. The goal is to ensure that data contained within Amazon EC2 cannot be intercepted by non -authorized systems or users and that Amazon EC2 instances themselves are as secure as possible without sacrificing the flexibility in configuration that customers demand. Further details are provided below: • Host Operating System: AWS administrators with a business need are required to use their individual cryptographically strong SSH keys to gain access to a bastion host. These bastion hosts are specifically built systems that are designed and configured to protect the management plane of the cloud. Once connected to the bastion, authorized administrators are able to use a privilege escalation command to gain access to an individual host. All such accesses are logged and routinely audited. When an AWS employee no longer has a business need to administer EC2 hosts, their privileges on and access to the bastion hosts are revoked. • Guest Operating System: Virtual instances are completely controlled by the customer. They have full root access and all administrative control over additional accounts, services, and applications. AWS administrators do not have access to customer instances, and cannot log into the guest OS. Customers should disable password -based access to their hosts and utilize token or key -based authentication to gain access to unprivileged accounts. Further, customers should employ a privilege escalation mechanism with logging on a per -user basis. For example, if the guest OS is Linux, utilize SSH with keys to access the virtual instance, enable shell command -line logging, and use the 'sudo' utility for privilege escalation. Customers should :generate their own key pairs in order to guarantee that they are unique, and not shared with other customers or with AWS. • efirewall: Amazon EC2- provides a complete firewall solution; this mandatory inbound firewall is configured in a default deny mode and the Amazon EC2 customer must explicitly open any ports to allow inbound traffic. The traffic may be restricted by protocol, by service port, as well as by source IP address (individual IP or CIDR block). The firewall can be configured in groups permitting different classes of instances to have different rules, for example the case of a traditional three - tiered web application. The group for the web servers would have port 80 (HTTP) and port 443 (HTTPS) open to the world. The group for the application servers would have port 8000 (application specific) accessible only to the web server group. The group for the database servers would have port 3306 (MySQL) open only to the application server group. All three groups would permit administrative access on port 22 (SSH), but only from the customer's corporate network. Highly secure applications can be deployed using this expressive mechanism. The firewall is controlled not by the host/instance itself, but requires the customer's X.509 certificate and key to authorize changes, thus adding an extra layer of security. Within EC2, the host administrator and cloud administrator can be separate people, permitting two man rule security policies to be enforced. In addition, AWS encourages customers to apply additional per -instance filters with host -based firewalls such as IPtables. This can restrict both inbound and outbound traffic on each instance. The level of security afforded by the firewall is a function of which ports are opened by the customer, and for what duration and purpose. The default state is to deny all incoming traffic, and developers should plan carefully what they will open when building and securing their applications. Well-informed traffic management and security design is still required on a per -instance basis. API; Calls to launch and terminate instances, change firewall parameters, and perform other functions are all signed by an X.509 certificate or the customer's Amazon Secret Access Key. Without access to the customer's Secret Access Key or X.509 certificate, Amazon EC2 API calls cannot be made on their behalf. In addition, API calls can be encrypted in transit with SSL to maintain confidentiality. Amazon recommends always using SSL -protected API endpoints. The Hypervisor Amazon EC2 currently utilizes a highly customized version of the Xen hypervisor, taking advantage of paravirtualization. Because paravirtualized guests rely on the hypervisor to provide support for operations that normally require privileged access, it is possible to run the guest OS with no elevated access to the CPU. This explicit virtualization of the physical resources leads to a clear separation between guest and hypervisor, resulting in strong security separation between the two. Instance Isolation Different instances running on the same physical machine are isolated from each other utilizing the Xen hypervisor. Amazon is an active participant and contributor within the Xen community, which ensures awareness of potential pending issues. In addition, the aforementioned firewall resides within the hypervisor layer, between the physical interface and the instance's virtual interface. All packets must pass through this layer, thus an instance's neighbors have no additional access to that instance, and can be treated as if they are on separate physical hosts. The physical RAM is separated using similar mechanisms. Customer instances have no access to raw disk devices, but instead are presented with virtualized disks. The AWS proprietary disk virtualization layer automatically wipes every block of storage used by the customer, and guarantees that one customer's data is never exposed to another. Note that unintentionally leaving data on disk devices is only one possible breach of confidentiality; many others exist, and for this reason AWS recommends that customers further protect their data using appropriate means. One common solution is to run an encrypted filesystem on top of the virtualized disk device. Network Security The AW S network provides significant protection against traditional network security issues and the customer can implement further protection. The following are a few examples: • Distributed Denial Of Service (DDoS) Attacks: AWS API endpoints are hosted on the same Internet -scale, world class infrastructure that supports the Amazon.com retail site. Standard DDoS mitigation techniques such as syn cookies and connection limiting are used. To further mitigate the effect of potential DDoS attacks, Amazon maintains internal bandwidth which exceeds its provider -supplied Internet bandwidth. • Man In the Middle (MITM) Attacks: All of the AWS APIs are available via SSL -protected endpoints which provides server authentication. Amazon EC2 AMIs automatically generate new SSH host keys on first boot and log them to the console. Customers can then use the secure APIs to call the console and access the host keys before logging into the instance -for the first time. Customers are encouraged to use the SSL endpoints for all of their interactions with AWS. • IP Spoofing: Amazon EC2 instances cannot send spoofed traffic. The Amazon -controlled, host -based firewall infrastructure will not permit an instance to send traffic with a source IP or MAC address other than its own. • Port Scanning: Port scans by Amazon EC2 customers are a violation of the Amazon EC2 Acceptable Use Policy (AUP). Violations of the AUP are taken seriously, and every reported violation is investigated. When Port scanning is detected it is stopped and blocked. Port scans of Amazon EC2 instances are generally ineffective because, by default, all inbound ports on Amazon EC2 instances are closed. The customer's strict management of security groups can further mitigate the threat of port scans. If the customer configures the security group to allow traffic from any source to a specific port, then that specific port will be vulnerable to a port scan. In these cases, the customer must use appropriate security measures to protect listening services that may be essential to their application from being discovered by an unauthorized port scan. For example, a web server must clearly have port 80 (HTTP) open to the world, and the administrator of this server is responsible for ensuring the security of the HTTP server software, such as Apache. Packet sniffing by other tenants: It is not possible for a virtual instance running in promiscuous mode to receive or "sniff" traffic that is intended for a different virtual instance. While customers can place their interfaces into promiscuous mode, the hypervisor will not deliver any traffic to them that is not addressed to them. This includes two virtual instances that are owned by the same customer, even if they are located on the same physical host. Attacks such as ARP cache poisoning do not work within EC2. While Amazon EC2 does provide ample protection against one customer inadvertently or maliciously attempting to view another's data, as a standard practice customers should encrypt sensitive traffic. Amazon Simple Storage Service (Amazon S3) Security With any shared storage system, the biggest question is whether unauthorized users can access information either intentionally or by mistake. To ensure that customers have the utmost in flexibility to determine how, when, and to whom they wish to expose the information they store in AWS, Amazon S3 APIs provide both bucket- and object -level access controls, with defaults that only permit authenticated access by the bucket and/or object creator. Write and Delete permission is controlled by an Access Control List (ACL) associated with the bucket. Permission to modify the bucket ACLs is itself controlled by an ACL, and it defaults to creator -only access. Therefore, the customer maintains full control over who has access to their data. Amazon S3 access can be granted based on AWS Account ID, DevPay Product ID, or open to everyone. Data Management Another potential concern is whether or not data can be intercepted while "in transit" from one node on the Internet to AWS. For maximum security, Amazon S3 is accessible via SSL encrypted endpoints. The encrypted endpoints are accessible from both the Internet and from within Amazon EC2, ensuring that data is transferred securely both within AWS and to and from sources outside of AWS. Customers may wish to secure data even when it is being stored within Amazon S3. Data stored within Amazon S3 is not encrypted at rest by AWS. However, users can encrypt their data before it is uploaded to Amazon S3 so that the data cannot be accessed or tampered with by unauthorized parties. When an object is deleted from Amazon S3, removal of the mapping from the public name to the object starts immediately, and is generally processed across the distributed system within several seconds. Once the mapping is removed, there is no external access to the deleted object. That storage area is then made available only for write operations and the data is overwritten by newly stored data.