Cloud Computing

Amazon cloud gets DOD authorization

The Defense Department, which has been pushing to take advantage of cloud computing, has granted Amazon Web Services provisional authorization to deliver its cloud services to DOD components, Amazon announced

The authorization applies to all four of AWS’s U.S. regions, including its GovCloud region, and covers Impact Levels 1 and 2 of the Defense Information Systems Agency’s five-part scale of risk factors. Levels 1 and 2 cover the low-risk unclassified public and private information.

Although AWS is used by the Navy, Air Force and other military components, the provisional authority greases the wheels for wider use within DOD. The federal government has been moving toward greater use of cloud services, though the military has been more cautious than civilian agencies, primarily because of security concerns.

The Federal Risk and Authorization Management Program sets a baseline for the security of cloud services, and 15 services so far have been granted provisional or agency authority to operate under the program. DOD’s Cloud Security Model (CSM) is built on FedRAMP but with additional security controls specific to DOD. In November, Autonomic Resources became the first cloud provider to receive DOD provisional authority, for its infrastructure as a service offering.

The idea behind FedRAMP and CSM is to save time and money on evaluating cloud products by having a central authority test them for compliance, rather than have individual agencies run their own tests.

Although DOD has moved more slowly than civilian agencies to the cloud, the department’s Cloud Computing Strategy sets out plans for making much greater use of it, and Pentagon leaders see the cloud as essential to building an effective Joint Information Environment.

About the Author

Kevin McCaney is a former editor of Defense Systems and GCN.

Defense Systems Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.