Swath of Government Cloud Services Get DISA Green Light update from May 2015
Providers cleared to host some DoD mission data
May 7, 2015
U.S. Defense Information Systems Agency has granted Provisional Authorization to 23 government cloud services for hosting mission data up to Impact Level 2, which is non-controlled, unclassified information, including publicly released information as well as some private unclassified Department of Defense information with some minimal access control.
DoD, a DISA parent department, has been warming to commercial cloud services. One vocal proponent of using cloud intelligently has been DoD CIO Terry Halvorsen. Cloud promises savings, however not all data is suited for cloud. The first step was defining the types of data, with Provisional Authorization defining which providers are suitable for Impact Level 2 data.
There are four Impact Levels, each describing the sensitivity and risk associated with the data. Counterintuitively, they are levels 2,4,5, and 6, 2 being the lowest and 6 reserved for classified double-secret probation information.
Each provider is first granted either a FedRAMP Joint Authorization Board Provisional Authorization or a FedRAMP Agency Authority to Operate. A primer on FedRAMP is located here.
Some of the more well-known names that were granted Provisional Authorization Level 2 include:
CDN provider Akamai
Microsoft Windows Azure public cloud
Amazon Web Services Redshift, a data warehouse service
AT&T’s Storage-as-a-Service
IBM SmartCloud for Government
Microsoft Office 365 and supporting services, such as Active Directory
Oracle Federal Managed Cloud Services, and its SaaS Service Cloud
Salesforce Government Cloud, PaaS and SaaS
Verizon Enterprise Cloud Federal Edition
Many data center providers have either gone after the larger federal space or acquired positions in this growing market. QTS, which received its FedRAMP certification in 2014, acquired Carpathi Hosting this week to boost its government cloud offerings.
What workloads are suitable for which cloud is still being established. New cloud security requirements were launched early this year.
The other clouds granted PA are:
IaaS: Autonomic Resources Cloud Platform (ARC-P), Clear Government Solutions FedGRID Government Community Cloud, Lockheed Martin SolaS-I Government Community Cloud, OMB MAX General Support Services, USDA National Information Technology Center
PaaS and/or SaaS: MicroPact Product Suite, AIMS eCase, OMB MAX.gov Shared Services, U.S. Treasury Workplace.gov Community Cloud, Economic Systems Federal Human Resources Navigator (FHR Navigator), SecureKey Briidge.net ExchangeT for Connect.Gov, Edge Hosting CloudPlus, which provides managed, secure Windows and Linux application hosting (technically an ASP).
Remote hosted desktops: Concurrent Technologies Corporation.
About the Author
You May Also Like