Advertisement

You will be redirected to the page you want to view in  seconds.

DoD gives Amazon cloud the green light to handle sensitive data

Aug. 27, 2014
 
David Bennett, DISA's CIO, is examining how accepting DoD agencies are of using commercial cloud providers for sensitive information.
David Bennett, DISA's CIO, is examining how accepting DoD agencies are of using commercial cloud providers for sensitive information. (DISA)

Amazon Web Services on Aug. 21 announced that it has achieved approval under the Defense Department’s cloud security model to operate commercial cloud services for the department’s sensitive, higher-security data management.

The provision authorization grants AWS the opportunity to provide cloud services at impact levels 3 through 5 under DoD’s security model, a stricter version of criteria than the baseline requirements under the Federal Risk and Authorization Management Program, or FedRAMP. Levels 3 through 5 deal with sensitive, for-official-use-only, unclassified data and applications. AWS is one of four providers already authorized for levels 1 and 2.

AWS’ announcement comes as officials at DoD are preparing to launch five pilot programs aimed at demonstrating the use of commercial cloud services for the higher-sensitivity requirements of impact levels 3 through 5. Officials have said the initial criteria that prospective cloud providers must meet may be too stringent, and their hope is that the cloud pilots will help them reevaluate their benchmarks.

Officials also are looking to the cloud pilots to assess defense agencies’ tolerance for risk in the use of commercial cloud services, as well as to improve cloud security and operations.

“There is lots of coordination going on ... to prove out how you do levels 3 through 5, and whether the safeguards will be adequate and really test out the controls to ensure we understand how it’ll work going forward and what the risk is to the data in those environments,” said DISA CIO Dave Bennett. .

More In C4ISR & Networks

More from this channel

Daily intelligence on C4ISR and networks

There's no better way to know what's going on every day in areas like UAS and sensors, GEOINT, C2 and communications, cyber, mobility and defense IT, than to sign up for our daily C4ISRNET newsletters. The news will come right to your inbox, along with commentary and insight from our lineup of senior-level bloggers.

Sign up is easy and quick.