Relevant links are at the bottom of this post.
I am pleased to share that, for our AWS GovCloud (US) Region, AWS has received a Defense Information Systems Agency (DISA) Provisional Authorization (PA) at Impact Level 4 (IL4). This will allow Department of Defense (DoD) agencies to use the AWS Cloud for production workloads with export-controlled data, privacy information, and protected health information as well as other controlled unclassified information. This new authorization continues to demonstrate our advanced work in the public sector space; you might recall AWS was the first cloud service provider to obtain an Impact Level 4 PA in August 2014, paving the way for DoD pilot workloads and applications in the cloud. Additionally, we recently achieved a FedRAMP High provisional Authorization to Operate (P-ATO) from the Joint Authorization Board (JAB), also for AWS GovCloud (US), and today’s announcement allows DoD mission owners to continue to leverage AWS for critical production applications.
DISA is a support agency of the DoD, providing, operating, and assuring information-sharing capabilities and a globally accessible enterprise information infrastructure in direct support of mission and coalition partners. DISA will leverage AWS GovCloud (US) continuous monitoring reports managed by the FedRAMP program.
Cloud computing technology and services provide the DoD with the opportunity to deploy an Enterprise Cloud Environment aligned with Federal Department-wide Information Technology (IT) strategies and efficiency initiatives, including federal data center consolidation.
“Naturally, we’re excited to extend our critical, secure cloud capabilities to our Defense customers and the effort we pour into that support is demonstrated by this significant achievement,” said Chad Woolf, AWS Director of Risk & Compliance. “Our DoD IL4 authorization gives Defense agencies a definitive path to leverage the agile and secure capabilities of the cloud for highly sensitive Defense workloads.”
For a list of frequently asked questions, please visit our AWS DoD Compliance page. DoD agencies can request the AWS GovCloud (US) IL4 Security Package by submitting a Compliance Support Request to the AWS public sector sales and business development team. For more information on AWS security and compliance, see the AWS Security Center and the AWS Compliance Center.
– Chris Gile, Senior Manager, AWS Public Sector Risk & Compliance