AWS GovCloud (US) Receives FedRAMP High Baseline P-ATO from the JAB

Posted on: Jun 23, 2016

AWS GovCloud (US) has received a Provisional Authority to Operate (P-ATO) from the Joint Authorization Board (JAB) under the Federal Risk and Authorization Management Program (FedRAMP) High baseline. AWS GovCloud (US) is an isolated AWS region designed to host sensitive data and regulated IT workloads in the cloud, and it is operated by employees who are vetted "U.S. Persons" and root account holders of AWS accounts must confirm they are U.S. Persons before being granted access credentials to the region. 

AWS’s FedRAMP High authorization, which includes over 400 security controls, gives U.S. government agencies the ability to leverage the AWS Cloud for highly sensitive workloads, including Personal Identifiable Information (PII), sensitive patient records, financial data, law enforcement data, and other Controlled Unclassified Information (CUI).

What is FedRAMP High?

  • FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
  • The new FedRAMP High baseline is mapped to National Institute of Standards and Technology (NIST) security controls, and includes over 400 security measures.
  • The FedRAMP High baseline applies to non-classified technology systems under the Federal Information Security Management Act (FISMA), with “High” characterized as if the loss of confidentiality, integrity, or availability of that data could be expected to have a severe or catastrophic effect on organizational operations, assets, or individuals. 

Read the WWPS Blog Post. Customers can request access to the "Amazon Web Services - AWS GovCloud (US) Region" FedRAMP package by submitting a request on the Compliance Contact Us Request Form.