Oracle Cloud Infrastructure (OCI) Government Cloud Services has obtained a Provisional Authority to Operate (P-ATO) from the FedRAMP Joint Authorization Board (JAB). The accreditation continues to demonstrate that OCI is a compliant, cost-effective, and highly-secure platform for our public sector customers most critical workloads.
The JAB is the primary governance and decision-making body for the Federal Risk and Authorization Management Program (FedRAMP), the government program that sets the standard for assessing, authorizing, and monitoring cloud systems’ security. FedRAMP offers two types of authorizations: Agency ATO and JAB P-ATO. Having already achieved a FedRAMP High Agency ATO, Oracle’s achievement of the FedRAMP High JAB P-ATO further assures agencies that the risk posture of the system has been reviewed and approved by leading technology officials. The accreditation can also reduce both time and cost for government customers to secure their own agency ATO.
To achieve the JAB P-ATO, Oracle utilized an accredited Third-Party Assessment Organization to complete a readiness assessment of the cloud service offerings’ for the authorization process. The service offerings were then reviewed by technical representatives from the Department of Homeland Security (DHS), Department of Defense (DoD), and General Services Administration (GSA).
The following OCI Government Cloud services are currently approved by the JAB under this FedRAMP authorization: OCI Compute Service, Object Storage Service, Block Storage Service, Database Cloud Service, Exadata Cloud Service, Key Management Service, Virtual Cloud Networks, FastConnect, Load Balancing as a Service, Identity and Access Management, and Auditing.
Oracle Cloud Infrastructure has also achieved Defense Information Systems Agency (DISA) Impact Level 5 Provisional Authorization, and recently announced the expansion of Government Cloud with National Security Regions to address the needs of Intelligence Community and Department of Defense customers at DISA Impact Level 6, Secret and Top Secret security levels. This authorization is the next step, priming Oracle to deliver greater value to its public sector customers on several fronts:
The JAB P-ATO helps customers understand the steps Oracle has taken to help mitigate the risk of data breaches and reduce their cloud security concerns.
“Congratulations to Oracle for achieving JAB P-ATO accreditation, a rigorous process that is a testament to Oracle’s ongoing commitment to US Government customers. This achievement will allow us to accelerate the path to value for our government clients by providing a Cloud environment that meets highest standards of security and compliance.” Chris Pasternak, Managing Director, Global Oracle IaaS Lead at Accenture.
This authorization affirms Oracle’s compliance with very stringent security requirements, and assures customers that their critical data and services can benefit from protection provided by Oracle’s leading-edge services.
“Achieving a FedRAMP JAB P-ATO is a key step as we help our Public Sector customers take advantage of OCI’s security, innovation, and cost savings for their missions.” said Scott Twaddle, Vice President, Regulated Markets, OCI. “As an authorized Cloud Service Provider, Oracle gives customers peace-of-mind, knowing that modern security threats and challenges are being continuously managed, monitored, and addressed by Oracle.”
Oracle’s accreditation relieves government customers of completing the full certification and accreditation process themselves. Oracle customers can leverage Oracle FedRAMP authorized cloud services and narrow their focus on requirements specific to their mission needs, while also reducing the time consuming, security due diligence associated with this process. This head start can help expedite customers’ journey to cloud.
To learn more about cost-savings with OCI, Oracle offers the Oracle Cloud Workload Cost Estimator to help customers assess the price performance of Oracle Cloud Infrastructure, compared to competitors.
Assurance of Industry-Leading Data Security
Achievement of this intensive accreditation assures government customers of Oracle’s commitment to data security.
“Cloud is the foundational setting for emerging technologies that government agencies are increasingly using, but innovation can’t come at the compromise of privacy, data usage, and security. The Joint Authorization Board (JAB) accreditation establishes Oracle’s leadership in both innovation and regulations,” said Dan Collins, principal, Deloitte Consulting LLP and Oracle Government & Public Services Offering Leader.
Oracle has implemented hundreds of controls and has scheduled continuous compliance maintenance actions throughout the authorization process—with ongoing security monitoring, monthly reviews, and an annual re-assessment.