AWS is very excited to publically announce that AWS is the very first cloud service provider (CSP) to achieve a U.S. Department of Defense (DoD) Security Level 3-5 Authorization for our AWS GovCloud (US) Region.
This authorization covers security impact levels 3-5 controls, equivalent to FISMA-Moderate and High, and DoD Partners and customers can immediately begin initiating cloud deployments in GovCloud at these higher CSM levels.
To learn more:
The AWS cloud is uniquely positioned to provide scalable cost-efficient solutions for the US Federal Government to find ways cloud services can be employed to meet mandates, reduce costs, drive efficiencies, and increase innovation across its Civilian agencies and the Department of Defense. AWS provides cloud services a pay-as-you-go model, delivering access to technology resources that are managed by experts. Simply access AWS services over the internet, with no upfront costs (no capital investment), and pay only for the computing resources that you use, as your needs scale.
Contact an AWS Business
Click here for all our AWS Public Sector Case studies.
In order to provide end-to-end security and end-to-end privacy, AWS builds services in accordance with customer mandates, security best practices, provides appropriate security features in those services, and documents how to use those features.
The AWS cloud infrastructure has been designed and managed in alignment with regulations, standards, and best-practices including:
- SOC 1/SSAE 16/ISAE 3402 (formerly SAS70)
- SOC 2
- SOC 3
- PCI DSS Level 1
- ISO 27001
- DIACAP and FISMA
- FIPS 140-2
Read more about AWS Compliance & Assurance Programs.
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. AWS has two separate FedRAMP Agency ATOs in the FedRAMP Repository; one ATO applicable to the AWS US East/West regions, and the other applicable to the AWS GovCloud (US) Region. AWS US East/West is a multi-tenant public cloud for federal, state, and local government customers, as well as enterprise customers, and is designed to meet a wide range of regulatory requirements, including government compliance and security requirements. AWS GovCloud (US) is an AWS Region designed to allow US government agencies, contractors and customers to move more sensitive workloads into the cloud by addressing their specific regulatory and compliance requirements, such as ITAR, which governs how organizations manage and store defense-related data. Additional information is available at AWS GovCloud (US) Region.
Agencies and federal contractors can immediately request access to the AWS HHS ATO packages by submitting a FedRAMP Package Access Request Form for the "Amazon Web Services - AWS GovCloud (US) Region" with package ID "AGENCYAMAZONGC" and the "Amazon Web Services - US East/West Region" with package ID "AGENCYAMAZONEW". Additional information on FedRAMP, including the FedRAMP Concept of Operations (CONOPS) and Guide to Understanding FedRAMP, can be found at http://www.fedramp.gov.
The AWS GovCloud (US) Region is an AWS Region designed to address the specific regulatory needs of United States government agencies, education entities, and other customers and partners.
The AWS Partner Network
The AWS Partner Network is made up of a strong and growing community of companies that offer a wide range of products and services on the AWS platform. To find the type of AWS Partner that meets your needs, use the search criteria in this directory to refine your search. Click here
Find great cloud software, launch quickly and pay by the hour. Shop now
AWS Federal Roadshows
Find the roadshow nearest you by clicking here.