FedRAMP Compliance for an Azure Government Solution

Background

A large systems integrator was interested in migrating its existing SaaS product offering to the Microsoft Azure Government cloud to replace the underlying operational platform. The Azure Government cloud was particularly interesting to this organization because of its potential to accelerate FedRAMP authorization for the offering. They were looking for a firm with real-world experience both with the Azure Government cloud and in working within FedRAMP-certified environment.

Challenge

The company didn’t have homegrown expertise in certifying application authorization on the cloud but did recognize the value it could derive from using the cloud to deliver its SaaS offering to new government customers. They also recognized that a FedRAMP Authority to Operate (ATO) would be a qualification that many potential government customers would require, so it embarked on a mission to build a suitable platform to host its SaaS offering.

Solution

AIS helped define an architecture that would meet the specific security requirements but that would also ensure that the platform could meet the functional needs once the SaaS product was brought online. During this process, AIS leaned heavily on our expertise in the areas of cloud-based networking, security, infrastructure, and Azure-specific deployment considerations. We completed this work by assisting the customer’s internal engineering team with the build-out of this environment.

Technologies

  • Azure Government Cloud
  • Security monitoring with virtual appliances
  • Software-defined networking
  • Intrusion detection
  • Load balancing tools and cloud service
  • Vulnerability scanning

Learn about FedRAMP Compliance with Azure Government.