Amazon Web Services has received its FISMA Moderate certification from the General Services Administration.
With the addition of FISMA Moderate, the AWS security and compliance framework now covers FISMA Low and Moderate, PCI DSS Level 1, FIPS 140-2, ISO 27001 and SAS-70 type II. AWS also provides an environment that enables businesses to comply with HIPAA regulations.
FISMA Moderate Authorization and Accreditation requires AWS to implement and operate an extensive set of security configurations and controls. This includes documenting the management, operational, and technical processes used to secure the physical and virtual infrastructure as well as conducting third party audits. This is the first time AWS has received a FISMA Moderate authority to operate, according to the company.
“Amazon Web Services offers government agencies access to scalable, cost-effective and flexible technology infrastructure that empowers agencies to quickly and securely deploy their applications in the cloud,” said Teresa Carlson, Vice President of Global Public Sector, Amazon Web Services. “More than 100 government organizations such as Recovery.gov, the Department of Treasury’s Treasury.gov, the Federal Register 2.0 at the National Archives, the Supplemental Nutrition Assistance Program at USDA and the Jet Propulsion Laboratory at NASA are already using AWS to meet their needs for agile, reliable and highly available computing environments.”