Amazon’s AWS GovCloud (US) has achieved a Provisional Authorization (PA) by the Defense Information Systems Agency (DISA) at Impact Level (IL) 5, as defined in the Department of Defense (DoD) Cloud Computing (CC) Security Requirements Guide (SRG) v. 1, Release 3.

In addition to supporting DoD CC SRG IL2 and IL4 workloads, DoD customers may now leverage the PA as a baseline for assessing risk associated with DoD CC SRG IL5 security requirements. This includes planned workloads for Controlled Unclassified Information (CUI) exceeding the sensitivity level of IL4, as well as unclassified National Security Systems (NSSs).

Case Study: No other Cloud Service Provider (CSP) was able to meet the IL5 security and scaling requirements of the US Air Force's Next Generation GPS Operational Control System program. This program required 200+ Dedicated Hosts running upwards of a 1,000 individual Virtual Machines. Each Virtual Machine required at least 8 vCPUs and 32GB RAM. Additionally, the storage costs were approximately 30% more expensive than AWS. See the video.

View this AWS Webinar below: Automating DoD SRG Impact Level 5 Compliance in Amazon's AWS GovCloud (US) Region.

View the Webinar Recording

DISA

The AWS GovCloud (US) Region gives customers the flexibility to architect solutions that are in compliance with the the Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) Levels 2, 4 and 5, FISMA and FedRAMP High Baseline, CJIS, ITAR and HIPAA. Compliance Contact Us Request Form

AWS GovCloud (US) Features:

  • Managed solely by vetted US Citizens
  • Accessible only to vetted root accountholders who are US Persons (citizens or green card holders)
  • Logically and physically isolated and located in the United States
  • PA for DoD SRG IL2, IL4, and IL5 workloads
  • FedRAMP High P-ATO supporting FISMA High and FedRAMP High workloads
  • Allows customers meet compliance requirements, including HIPAA, CJIS, and International Traffic in Arms Regulations (ITAR)