Cloud

Autonomic gets DOD FedRAMP OK

Navy person using keyboard

Autonomic Resources, the first cloud provider to achieve compliance under the Federal Risk and Authorization Management Program (FedRAMP) back in December 2012, has now become the first to achieve additional security control required by the Department of Defense.

Autonomic announced it was issued a provisional authorization by the DOD on Nov. 12 for its Autonomic Resources Cloud Platform (ARC-P) infrastructure as a service offering, making it the only cloud provider offered for DOD-wide acceptance under the Defense Information Systems Agency (DISA) Enterprise Cloud Service Broker catalog.

After ARC-P achieved FedRAMP compliance, it was further assessed using the DOD cloud security model, taking into account an additional 23 controls and enhancements from third revision of the National Institute of Standards and Technology Special Publication 800-53. According to Autonomic, ARC-P is now authorized at DOD Impact Levels 1 and 2, meaning it is approved for unclassified public information and unclassified private information.

"ARC-P is yet again first in security authorizations that are meaningful to our government cloud customer," said John Keese, President and CEO of Autonomic Resources.  

"The ability to leverage our FedRAMP Provisional ATO, granted by the Joint Authorization Board, assisted DOD in rapid approval, something that would have been much more difficult with a single agency FedRAMP compliant ATO," Keese added in a statement. "Additionally, ARC-P is ready for authorization at Impact Levels 3 and 4 once finalized by DISA, and Level 5 by early 2014."

A provisional authorization is an initial approval for a cloud service provider's platform by the DISA Designated Accrediting Authority. That body can then use the provisional authorization to grant specific customers an authority to operate.

Thus far, 10 providers have achieved FedRAMP compliance, including Autonomic. The FedRAMP Joint Authorization Board has granted seven other cloud providers provisional authority to operate: Akamai, AT&T, CGI Federal, Hewlett-Packard, IBM, Lockheed Martin and Microsoft.

Meanwhile, the Health and Human Services department bestowed FedRAMP certification on Amazon Web Services' GovCloud and US East/West offerings, while the Agriculture Department certified its own National Information Technology Center.

About the Author

Frank Konkel is a former staff writer for FCW.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected