CloudAware for Government
In December 2010, the U.S. Chief Information Officer (CIO) released “A 25-Point Implementation Plan to Reform Federal IT Management” as part of a comprehensive effort to increase the operational efficiency of federal technology assets. The “Cloud First policy” as it is called, mandates that agencies take full advantage of cloud computing benefits to maximize capacity utilization, improve IT flexibility and responsiveness, and minimize cost. And the Office of Management and Budgets (OMB) mandate states that agencies must use the Federal Risk and Authorization Management Program (FedRAMP) when conducting risk assessments, security authorizations, and granting ATOs for all Executive department or agency use of cloud services” (FedRAMP Policy Memo, OMB).
The technology and security landscape of the government is effectively changing on a daily basis and this is where CloudAware Federal comes in. CloudAware Federal provides the technology, people and process to enable complete and secure cloud operations. The CloudAware Federal platform enables Federal Agencies, Cloud Service Providers and System Integrators to manage and deliver their own multi-cloud services as well develop the workflow, governance and collaboration model for a FedRAMP-compliant DevOps \ cloud environment. CloudAware Federal’s Continuous Monitoring ensures that all ‘cloud contributors’ are collaborating with complete visibility, compliance and governance. Furthermore it ensures that all security personnel have complete situational awareness of the cloud environment at all times.
AWS GovCloud (US) Support
CloudAware Federal, the leading government cloud management platform is now available in the AWS GovCloud (US) region of Amazon Web Services (AWS). AWS GovCloud (US) enables U.S. government agencies and customers to move sensitive workloads into the cloud by addressing their specific regulatory and compliance requirements.
CloudAware Federal is a scalable, high-performing enterprise cloud management platform for secure computing. With its unique Continuous Monitoring and Threat Center capabilities, CloudAware is widely deployed in U.S. government agencies. Our key benefit is that we monitor not only the Cloud Service Provider, but the applications and operating systems that run in your cloud.John DoleVice President and General Manager, Public Sector, NASA
Government agencies need the ability to secure computing resources that clouds like AWS GovCloud (US) provide, while still maintaining consistency with existing change management processes and agility. On AWS GovCloud (US), agencies can use CloudAware, paying for only what they use, when they need it. As agencies determine their cloud strategies, the ability to use CloudAware to deploy applications into the AWS while maintaining same security standards and compliance as in physical data centers is a game changer.
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. CloudAware Federal Solutions provides the products and services needed to lead federal agencies, cloud services providers and system integrators to secure and well harnessed cloud environments. CloudAware Federal combines a comprehensive cloud management and security platform, cloud and security expertise from our industry experts\leaders and a close working relationship within the FedRAMP community to ensure comprehensive compliance planning, solid posture and complete visibility.
FedRAMP Continuous Monitoring
After a cloud system receives a FedRAMP Provisional Authorization, it is likely, due to the dynamic and elastic nature of cloud environments that the system undergoes component or inventory changes. Such a change can impact the security posture of the cloud service offering. Additionally, as cloud evolves the attack surface is inevitably going expand (e.g. shared API’s, multi-tenant hosts etc.) In lieu of this, FedRAMP requires On-going assessments or Continuous Diagnostics and Monitoring to ensure the state of compliance and cloud environment’s security posture. These Ongoing assessments and authorization provides federal agencies using cloud services a method of detecting changes to the security posture of a system for the purpose of making risk-based decisions.
CloudAware Federal FedRAMP Continuous Monitoring provides a single window pane into the security posture and operational dashboard for FedRAMP compliance and on-going assessments.
CloudAware Federal provides:
- A complete Cloud CMDB that ensures the state of a system boundary and it’s inventory
- Network and Host based Intrusion Detection System
- Correct and complete system inventory
- Incident Response Framework: Security Operations Center & Threat Center
- Secure Enterprise Log Management (SELM) with SIEM\Log Integration
- System Integrity and Governance for Approved Baseline Images (DISA STIGS, CIS Benchmarks etc.)
- FedRAMP Authorization Document Portal (SSP, SAR, SAP, SATC, CMP, IRP, CP, CMP etc.)
- Authorization to Operate tracking by grouped assets.
- Vulnerability Scanning Report & Alerts – notify on percentage of high, med & low
- Auditbooks - Audit and compliance automation
- ACL and Security Group assessment and policy enforcement
- IAM assessment and policy enforcement
- LDAP \ Active Directory Integration
- Key and Certificate Management for IAM, Web services and Instance PKI
What makes CloudAware Federal absolutely unique is the social collaboration. The collaborative nature of CloudAware Federal enables organizations to collectively manage all DevOps and security operations and Continuous Monitoring.
CloudAware Federal is an Advanced Amazon Technology Partner, bringing government experience in managing and deploying workloads into AWS GovCloud (US). CloudAware Federal's AWS Management platform has been thoroughly tested with all of the AWS offerings such as GovCloud, EC2, S3, RDS, EMR and all other products. As an Advanced Technology partner, CloudAware Federal has access to many unreleased products and solutions. When Amazon finally announces public availability for the new solutions, CloudAware Federal often is already compliant and supports new services. Many of our engineers, developers and product managers not only possess in depth understanding of the AWS platform but are also certified AWS Engineers, Developers and Solution Architects.
- NASA —
- Process-Driven Approach To Threat Management in Amazon Cloud.