As the world continues its migration toward agile, decentralized cloud computing, numerous US federal agencies have aligned around a stringent set of common standards and practices for security and risk assessment known as FedRAMP.
The overarching goal of the FedRAMP program is to protect the data of U.S. government agencies and their constituents by ensuring that the cloud they use meet strict security standards. It provides government agencies with a standardized approach to security and risk assessment, aiming to accelerate the adoption of cloud technology.
Cloud services built around those FedRAMP standards are suitable for virtually any system with intensive data protection requirements, including companies that supply the defense industry, organizations that perform medical research, and more.
The FedRAMP standards focus primarily on the platform and infrastructure level. The General Services Administration (GSA) oversees those standards and authorizes cloud service providers based on compliance with a set of detailed criteria and continuous monitoring to ensure ongoing data protection. Amazon Web Services (AWS) is one of those authorized cloud service providers.
Amazon’s offering is called AWS GovCloud. It is an isolated cloud platform designed to meet strict Federal requirements for security, up to and including the “high impact” FedRAMP baseline. That makes GovCloud suitable for “any system where loss of confidentiality, integrity, or availability could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.”
AWS GovCloud allows access by US persons (citizens and green-card holders), and provides segregated access via a dedicated GovCloud login for each authorized user. Qualified AWS customers can request access via the AWS Management Console, or by contacting their Amazon account representative.
GovCloud complies with a long list of other security standards as well, including NIST, FIPS, SRG, DFARS, and more. GovCloud is suitable for hosting sensitive data and regulated workloads, including the DOJ and DoD information, data pertaining to US International Traffic in Arms Regulations (ITAR), and more. Beyond that, AWS GovCloud is a good fit for any system with stringent requirements, including those that house medical records, military secrets and other classified information, financial records, and law enforcement information.
Intellect QMS on GovCloud
Intellect QMS is a highly configurable, integrated suite of QMS applications and a no-code compliance platform. Government agencies and businesses across a range of industries trust Intellect to help them improve operations and comply with stringent regulations, ISO standards, and global GxP requirements.
Intellect’s Quality Management Suite and our No-Code Compliance Platform is available to run seamlessly on the FedRAMP-authorized AWS GovCloud infrastructure and we will work in any GovCloud instance that is provided by our customers. We work with customers in regulated industries every day who have intensive security requirements. That includes government agencies and defense contractors subject to DoD guidelines as well as medical device manufacturers and Life Science companies who collect and maintain protected health information (PHI) subject to HIPAA regulations. Some of these customer choose to run Intellect on a self-managed, private cloud environment.
Intellect’s QMS and no-code Compliance Platform for AWS GovCloud address critical system access, data storage, and technical data access compliance requirements critical for organizations in regulated industries. Data passing to and from Intellect QMS is encrypted in transit using TLS 1.2, and connections are authenticated using AES 128 GCM with ECDHE RSA as a key exchange mechanism. We use encrypted block storage to protect data at rest. Intellect maintains a SOC2 Type 1 certification. (A copy of that certificate is available upon request.)
If your organization is looking to implement automated, highly configurable QMS to support ISO standards and improve regulatory compliance, we would like to speak with you. For organizations with stringent security requirements, Intellect QMS runs seamlessly on the AWS GovCloud platform. Contact us today to arrange a free demo.