AWS Security Blog

AWS Secures DoD Provisional Authorization

I’m very excited to share that AWS has received a DISA Provisional Authorization under the DoD Cloud Security Model’s impact levels 1-2 for all four of AWS’s Infrastructure Regions in the U.S., including AWS GovCloud (US). With this distinction, AWS has shown it can meet the DoD’s stringent security and compliance requirements; and as a result, even more DoD agencies can now use AWS’s secure, compliant infrastructure. To learn more about the AWS DoD Provisional Authorization, please visit https://aws.amazon.com/compliance/dod-csm-faqs.

Built on the foundation of the FedRAMP Program, the DoD CSM includes additional security controls specific to the DoD.  The Defense Information Systems Agency (DISA) assessed our compliance with those additional security controls and granted the authorization which will reduce the time necessary for DoD agencies to evaluate and authorize the use of the AWS Cloud.

With today’s announcement, our services are listed in the DoD Enterprise Cloud Service Broker (ECSB) catalog, and DoD agencies can immediately request AWS DoD Provisional Authorization compliance support by submitting a Compliance Support Request to the AWS public sector sales and business development team.  For more information on AWS security and compliance, please visit the AWS Security Center, https://aws.amazon.com/security, and the AWS Compliance Center, https://aws.amazon.com/compliance.

Author

Chad Woolf

Chad joined Amazon in 2010 and built the AWS compliance functions from the ground up, including audit and certifications, privacy, contract compliance, control automation engineering and security process monitoring. Chad’s work also includes enabling public sector and regulated industry adoption of the AWS cloud, compliance with complex privacy regulations such as GDPR and operating a trade and product compliance team in conjunction with global region expansion. Prior to joining AWS, Chad spent 12 years with Ernst & Young as a Senior Manager working directly with Fortune 100 companies consulting on IT process, security, risk, and vendor management advisory work, as well as designing and deploying global security and assurance software solutions. Chad holds a Masters of Information Systems Management and a Bachelors of Accounting from Brigham Young University, Utah. Follow Chad on Twitter.