AWS GovCloud (US) is an isolated AWS region designed to host sensitive data and regulated workloads in the cloud, helping customers support their U.S. government compliance requirements, including the International Traffic in Arms Regulations (ITAR) and Federal Risk and Authorization Management Program (FedRAMP). AWS GovCloud (US) is operated by employees who are vetted "U.S. Persons" and root account holders of AWS accounts must confirm they are U.S. Persons before being granted access credentials to the region.
AWS GovCloud (US) is available to U.S. government agencies and organizations in government-regulated industries, that meet GovCloud (US) requirements for access.
Click here to get started with AWS GovCloud (US).
FedRAMP is government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. AWS GovCloud (US) has received a Provisional Authority to Operate (P-ATO) from the Joint Authorization Board (JAB) under the Federal Risk and Authorization Management Program (FedRAMP) High baseline.
The FedRAMP High baseline gives government agencies a streamlined process for using AWS GovCloud (US) for mission critical applications and regulated IT workloads. Customers can request access to the "Amazon Web Services - AWS GovCloud (US) Region" FedRAMP package by submitting a request on the Compliance Contact Us Request Form.
For the fastest path to an ATO, acceses our no-cost AWS NIST Quick Start tools in the AWS GovCloud (US) Console and deploy FedRAMP High compliant architectures with the click of a button. See the demo video, or get started.
What is FedRAMP High?
• FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
• The new FedRAMP High baseline is mapped to National Institute of Standards and Technology (NIST) security controls, and includes over 400 security measures.
• The FedRAMP High baseline applies to non-classified technology systems under the Federal Information Security Management Act (FISMA), with “High” characterized as if the loss of confidentiality, integrity, or availability of that data could be expected to have a severe or catastrophic effect on organizational operations, assets, or individuals.
Contact an AWS business representative to learn more about AWS GovCloud (US).
The Department of Veterans Affairs issued a Federal Information Security Management Act (FISMA) High General Support System Authority to Operate (ATO) for AWS GovCloud (US). This validation of a secure environment to run highly sensitive government workloads is important to the VA since they work with patient data, and protecting this data is critical to their mission of serving America's veterans. Read more.
Cloud.gov, built by GSA’s 18F, runs on AWS GovCloud (US) and recently received a P-ATO at the moderate impact level from FedRAMP. Cloud.gov helps other government agencies build, buy, and share technology products. When agencies build a system on cloud.gov, their system or application inherits the FedRAMP compliance of the platform, which substantially reduces the amount of compliance work they need to execute and accelerates the path to authorization. Read more.
Learn about CSRA’s migration to AWS GovCloud (US) for the majority of their apps and most sensitive data. See how CSRA is leveraging its hands-on experience with AWS GovCloud (US) to better serve government customers with strict regulatory compliance needs, including FedRAMP High requirements. Read the Case Study and view the CSRA Summit session video.
FIGmd provides data analytics and reporting solutions to hospitals, operating one of the largest clinical-data registries in the U.S.. The company helps healthcare providers measure, improve, and report health outcomes cost-effectively at scale. FIGmd wanted to reduce cybersecurity risks related to transmission and storage of sensitive data with AWS GovCloud (US), which is HIPAA, HITECH, ACA and FedRAMP compliant. Read more.
At the 2016 re:Invent show, Air Force Lt. Gen. Samuel Greaves shared his perspective on how the innovative Defense Digital Services (DDS) team is breaking down technology barriers by encouraging the Air Force to use Amazon's commercial AWSGovCloud (US) region for development and testing of their next gen operational control system, which will control the newest version of the DoD’s global positioning system satellites. View the video.
After acquiring a series of Independent Power Producers (IPPs) and their IT assets, Talen Energy consolidated IT and fully migrated to AWS GovCloud (US), ensuring security while meeting NRC, FERC and 10 CFR 810 regulatory requirements. Read more.
For Oracle, SAP and Microsoft Windows applications, reliability is critical. Organizations have traditionally provisioned applicaitons for peak demand and disaster recovery scenarios, which often left IT resources idle or underutilized. With AWS, you can improve reliability with cloud backups and optimize costs by paying only for the cloud resources you use.
Many agencies are amassing large data sets that hold critical insights. With AWS, you can spin up massive on-demand clusters of compute resources in minutes and obtain the intelligence needed to meet your mission and better serve citizens.
As their volume of data continues to grow, organizations are struggling to add the capacity needed to meet their primary storage and backup requirements. With AWS, you can easily access durable and cost-effective cloud storage managed by US persons, meeting your data security requirements and scaling up or down as needed.
Web applications have unique scalability requirements, since usage is difficult to predict. With AWS, you can combine reserved IT resources for predictable workloads, with on-demand resources to handle unexpected spikes, lowering costs while optimizing performance.