Government Cloud Computing (govcloud)

Government cloud computing (govcloud) for federal and state agencies.  fedramp compliant secure infrastructure managed 24/7 by the private sector's only cyber counterintelligence team with active security clearance.

US Cyber Vault brings its team of world-class counterintelligence experts and best-in-breed security technology to make sure you stay ahead of attacks and satisfy regulations including:

  • FedRAMP
  • ITAR

From small municipalities, to large state agencies, to departments and agencies of the Federal government, US Cyber Vault provides the total security, scalability and 100% uptime that are critically essential for a government body to reliably perform its functions and provide its services — all while protecting its own and the public’s most sensitive data. This is even more challenging in a world where government bodies are among the bad guys’ most sought-after targets.

Perhaps nothing is more essential than making sure your constituents’, and your agency’s data is secure.  And it will be, when US Cyber Vault’s unequalled secure infrastructure and the private sectors’ only cyber counterintelligence team protecting your data from cyber attacks. Which means your constituents’ most sensitive data — and your agency’s reputation — won’t be compromised.

Federal Cloud Computing - FISMA and FedRAMP-Ready

US Cyber Vault stands ready to meet all FISMA controls and FedRAMP requirements, the strictest federal cloud security standards. Unlike other cloud platforms, US Cyber Vault is uniquely suited for the needs of government. It blends the cost benefits and scalability of public cloud computing with the security and customization of a private cloud. All backed by the private sector’s only cyber counterintelligence team; all with active security clearance.  With the inherent portable nature of US Cyber Vault, our FISMA and FedRAMP-ready secure infrastructure offering can be deployed at both US Cyber Vault data centers as well as within your own internal data centers.

Dedicated Infrastructure in Domestic Datacenters

Our SSAE 16 Type II datacenters are located in the U.S. Each has been assessed and approved against U.S. security standards including NIST 800-53, DIACAP, FISMA and FedRAMP. Our engineering staff are 100% U.S. citizens (ITAR compliant) with federal security clearances, and are experienced in the full spectrum of U.S. government security policies and practices.

About FedRAMP:

FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services. The program was developed to significantly reduce the effort and expense that would be incurred by government agencies to achieve high-level standards for securing government data. Designed as an "approve once, deploy many" program, authorized Cloud Service Providers (CSPs) would attain a provisional Authority To Operate (ATO) and provide cloud services for many agencies. Government agencies can then select an authorized CSP in an effort to save taxpayer expense on government IT infrastructure and cloud applications. The JAB is the primary governance group of the FedRAMP program, consisting of the chief information officers of the Department of Defense, the Department of Homeland Security and the U.S. General Services Administration. The FedRAMP program supports the U.S. government's "Cloud-First" initiative to enable U.S. federal agencies to use managed service providers that enable cloud computing capabilities. The FedRAMP program is designed to comply with the Federal Information Security Management Act of 2002 (FISMA). 

FedRAMP Security

The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. 

Based on the NIST baseline controls defined in NIST SP 800-53 rev4 for low and moderate systems, FedRAMP brings this security standard into the cloud, enabling organizations to essentially to comply with NIST security standards by way of  FedRAMP compliant community/private cloud environment. FedRAMP additional controls address the unique elements of cloud computing to ensure all data is secure in cloud environments.

Security Standards Designed for Clouds

FedRAMP takes all the security requirements agencies had to follow for their conventional IT systems and "extends those controls specifically for cloud computing," says Melvin Greer, a chief strategist at Lockheed Martin. More important, "FedRAMP has codified security," Greer says. "It has detailed what we mean when we say cloud security." It also makes it easier for acquisition staffs to buy cloud services because "they can be assured services from FedRAMP-approved providers will meet all of their requirements."

Information Security Levels

While the definition of what “high-impact” means for a private enterprise may differ from that of a government agency, the goal is the same – to ensure that the organization’s most critical information is fully secured.  Critical information with “high-impact” ratings in the government usually means data, if accessed or stolen, may result in life-threatening situations or financial ruin.  

Within enterprises, “high-impact” or “critical data” as it is more commonly referred to includes:

Information about mid- to long-range strategic plans
Information that includes IP (intellectual property) and research findings
Information that could lead to lost sales
Information that could lead to financial or regulatory penalties
Information that could result in severe damage to the company’s value or reputation

“Moderate” and “Low” impact data can also be fully secured by FedRAMP and includes elements such as: 

Information related to personnel or customer data
Information that is deemed confidential in nature
Information that could marginally disrupt business operations
Information that is competitively sensitive

The chart below highlights the holistic security elements covered by FedRAMP authorization, as compared to NIST and ISO 27001 security standards.