updated 10:35 am EDT, Fri August 22, 2014
Amazon hopes contract will pave the way for cloud-based confidential data
Amazon Web Services has received the first-ever US Department of Defense level three through five provisional authorization for the AWS GovCloud (US) region under the Defense Information Systems Agency's (DISA) codified Cloud Security Model (CSM). This new authorization allows Department of Defense users to conduct development and integration activities for everything but classified workflows with Amazon's service.
"We're very excited to announce we've received the DOD provisional ATO through impact levels three through five -- we're the first commercial cloud provider to achieve this," Vice President for AWS' Worldwide Public Sector Teresa Carlson told Nextgov. "I think it highlights our continued commitment to being a leader in cloud computing. This opens up a whole new world of opportunities for DOD to do what other groups have been doing."
The government initially planned on building its own cloud service for use through classified data. The Amazon approval is the first step towards this goal, but does not preclude a US Department of Defense buildout for its own system. Terms of the government's deal with Amazon are not known at this time, but is likely substantial.
Carlson added that Amazon's ultimate goal is "to meet every standard the federal government has for their data." Referring to the classified level of service, she said that "obviously, that means the ability to work at all levels."
Amazon's customized program includes additional security controls, specific to the Department of Defense. The authorization, sponsored by DISA, will reduce the time necessary for federal defense-related agencies worldwide to evaluate and authorize the use of AWS GovCloud.