Amazon GovCloud Secured For US Government

Amazon Web Services has announced AWS GovCloud, a new AWS Region designed to allow US government agencies to move more sensitive workloads into the cloud by addressing their specific regulatory and compliance requirements.

Previously, government agencies with data subject to compliance regulations such as the ITAR (International Traffic in Arms Regulations), which governs how organisations manage and store defence-related data, were unable to process and store data in the cloud that the federal government mandated be accessible only by US nationals, AWS officials said.

Controlled Access To Regulated Data

AWS GovCloud is physically and logically accessible by US citizens only, allowing government agencies to manage more heavily regulated data in AWS while remaining compliant with strict federal requirements, AWS officials said.

Andy Jassy, senior vice president of Amazon Web Services, introduced the new government cloud service at the 2011 NASA IT Summit in San Francisco.

The new Region offers the same high level of security as other AWS Regions and supports existing AWS security controls and certifications such as the Federal Information Security Management Act of 2002 (FISMA), FIPS 140-2 compliant end points, SAS-70, ISO 27001, and PCI DSS Level 1. AWS also provides an environment that enables agencies to comply with HIPAA regulations, the company said.

AWS resources deployed from AWS GovCloud – such as Elastic Compute Cloud (EC2), Simple Storage Service (S3) and Virtual Private Cloud (VPC) – are available on-demand and agencies pay only for what they use, enabling the US government to benefit from the flexibility, scalability and low pay-as-you-go pricing of AWS.

“Just as we are early explorers of outer space, JPL have been early explorers of the cloud computing space,” said Tomas Soderstrom, chief technology officer in the Office of the CIO at the NASA Jet Propulsion Laboratory (JPL). “We’ve leveraged AWS in our missions for a few years now and were the first to use cloud computing for daily operations. By working with cloud computing providers such as AWS, we gain the flexibility to move quickly, acquire IT resources on-demand and save money by paying only for the resources we use.

“This implements the JPL CIO, Jim Rinaldi’s, vision of provisioning instead of procuring hardware. As we move more workloads into the cloud, we look forward to leveraging ITAR compliant clouds, such as the new AWS GovCloud for our compliance-dependent projects so we can continue to look to the cloud first for even more missions,” Soderstrom said.

AWS Claims Government Cost Savings

Teresa Carlson, vice president of Global Public Sector at Amazon Web Services, stated, “In March of 2010, the US Recovery and Accountability Transparency Board became the first government-wide agency to migrate to a cloud-based technology infrastructure when it moved Recovery.gov to AWS. In one budget cycle alone, the Recovery and Accountability board was able to save $750,000 [£456,000] by leveraging AWS.

“Today, over 100 government agencies are taking advantage of AWS and we’re excited to continue working with agencies as they implement the Federal Cloud First policy to become more efficient, agile, and innovative through more effective use of technology infrastructure. AWS GovCloud is the next step in that evolution,” she said.

For its part, Microsoft launched a government-focused cloud service of its own in 2010. At the eighth annual Microsoft US Public Sector CIO Summit in February 2010, Microsoft unveiled a number of enhancements and certifications for the Microsoft Business Productivity Online Suite (BPOS). The company also launched a dedicated government cloud offering based on the BPOS.

“Microsoft is the first and only cloud provider to offer this level of protection and security for governments,” said Ron Markezich, corporate vice president of Microsoft Online at the time of that announcement. “We were able to achieve this industry first thanks to our experience providing dedicated cloud services for the past five years.” Markezich is now corporate vice president of Microsoft’s US Enterprise and Partner Group.