The infrastructure, governance, and operating environment of AWS have been assessed and authorized through the FedRAMP and DoD authorization processes. DoD ports and protocols guidance (DoD Instruction 8551.01).All relevant operating system Security Technical Implementation Guides (STIGs).Mission owner responsibilities described in the DoD-Compliant Implementations in the AWS Cloud whitepaper.For more information about the SRG, including the full definition of the security control baselines defined for Levels 2, 4, 5 and 6, visit the Document Library on the DoD Cloud Computing Security webpage.Īs a DoD customer, you are responsible for complying with DoD security guidance within your AWS application environment, which includes: The AWS provisional authorization from the Defense Information Systems Agency (DISA) provides a reusable certification that attests to AWS compliance with DoD standards, reducing the time necessary for a DoD mission owner to assess and authorize one of their systems for operation in AWS. The Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) provides a standardized assessment and authorization process for cloud service providers (CSPs) to gain a DoD provisional authorization, so that they can serve DoD customers. AWS enables defense organizations and their business associates to create secure environments to process, maintain, and store DoD data. A growing number of military customers are adopting AWS services to process, store, and transmit US Department of Defense (DoD) data.
0 Comments
Leave a Reply. |