Esri Managed Cloud Services Achieves Federal Security Milestone

February 11, 2015  - By 0 Comments

Esri Managed Cloud Services (EMCS) has achieved Federal Risk and Authorization Management Program (FedRAMP) compliance at the moderate level, Esri president Jack Dangermond announced during the Esri Federal GIS Conference in Washington, D.C.

EMCS is the first program tailored specifically for a GIS to offer a cloud environment compliant at the FedRAMP moderate level, meaning it satisfies the stringent security requirements that federal agencies must meet before operating in a cloud computing environment.

“We look forward to continue working with vendors like Esri who have demonstrated FedRAMP compliance through the CSP Supplied path,” said Matt Goodrich, FedRAMP director. “This approach facilitates federal agency security authorization demands as the complete security package for Esri Managed Cloud Services is available in the FedRAMP repository today.”

EMCS provides ready-to-use instances of ArcGIS in the cloud. Customers can adapt it to best suit their needs, either as an alternative in their own infrastructure or in conjunction with their own servers. The scalable, secure environment is supported by experienced GIS professionals to ensure GIS data and services are available whenever needed, Esri said.

FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. Being FedRAMP compliant means a cloud computing system has established and documented a highly secure environment that has withstood comprehensive, rigorous review before federal agencies are authorized to engage the system. Currently, compliance can be met at either the low or moderate level.

EMCS is the first geospatial cloud-service provider reviewed under the latest FedRAMP and NIST 800-53 Revision 4 security controls. This expanded set of security controls represents the most comprehensive update to the government security controls catalog since its inception in 2005 to better address the increased frequency and persistence of today’s cyber attacks.

With Esri Managed Cloud Services, customers can use ArcGIS Online, Esri’s online GIS platform, as their primary discovery mechanism and easily supplement it with Esri’s FedRAMP-compliant GIS hosting tools, ArcGIS for Server and Portal for ArcGIS, to meet more advanced security needs. The program provides a standardized, demanding security protocol that customers can review themselves and that federal agencies can use for the government assessment and authorization process to expedite compliance.

EMCS also supports federal agencies seeking to comply with the White House Cloud Computing Strategy. Adopted in 2011 to save money, the Cloud First policy requires federal agencies to evaluate safe, secure cloud computing options before making any new investments.

Because EMCS was designed from the ground up to meet the needs of federal customers, it can also meet the robust security demands of users from other sectors such as law enforcement, health care, and retail, Esri said.

GIS users are moving to the cloud in large part to take advantage of the flexibility and potential cost savings it provides. Using EMCS helps users reduce risk, speed deployment, improve performance, and reduce operational costs in a secure environment.

To learn more about FedRAMP, visit http://cloud.cio.gov/action/secure-your-cloud

For a complete description of the Esri Managed Cloud Services FedRAMP–compliant system, visit esri.com/services/emcs/security.

Tracy Cozzens

About the Author:

Tracy Cozzens has served as managing editor of GPS World magazine since 2006. She also is editor of GPS World’s newsletters and the sister website Geospatial Solutions. She has worked in government, for non-profits, and in corporate communications, editing a variety of publications for audiences ranging from federal government contractors to teachers.

Post a Comment