FedCloud Resources is our new grouping of associated businesses which provide the FedRAMP cloud security boundaries for all Federal, state, and local government agencies, as well as for the private sector, especially critical infrastructure industries such as energy, healthcare, insurance, legal, accounting, and financial. It is the umbrella for all of our current and developing cloud security businesses.
The four key associated businesses of FedCloud Resources are:
- Autonomic Resources
- ARC Secure Data Centers
The deeper we get into the actual demands of the Federal Cloud First Mandate, it becomes clear that our narrative needs to begin and end with establishing [and constantly enhancing] the security boundaries for the Federal Cloud Ecosystem. This is not, however, limited to compute activity, but this critical need for security permeates everything the cloud activity touches. And the demand for more robust security boundaries will only heighten as the inevitable security breaches proliferate.
The Federal Government is at war with cyberattackers, and it is only a matter of time before there is a call to arms to protect the private sector as well, especially critical infrastructure industries such as energy, healthcare, insurance, legal, accounting, and financial. I think we all agree that FedRAMP is just getting started, and eventually they will reach deep into the private sector with their mandated security boundaries [and our FedCloud Resources will be the first and most prepared to facilitate this activity].
Cybersecurity is now at the forefront of concern for every government, business, and consumer – and it is only going to escalate.
With our unrivaled lineup of FedCloud Resources: ARC-P [FedRAMP IaaS ATO], ARC Secure Data Centers, and FedDROP, we cover all aspects of the Federal Cloud Ecosystem security boundaries. With our IaaS and CMaaS, we cover the actual cloud compute; while our ARC Secure Data Centers cover the security boundaries for the actual bare metal and data center activity. From there, we extend our security boundaries with FedDROP to ensure that all data and information remains in a secure repository when it leaves the confines of the established on-prem or cloud security boundaries.
We are the complete solution, providing security boundaries for all of the Federal Cloud Ecosystem. No other cloud service provider has approached the issue of security boundaries for the Federal Cloud Ecosystem as completely or adroitly as our FedCloud Resources. We are not only the first to market, we are boldly creating the ecosystem itself.
The first to FedRAMP ATO:
Initially, our mission at Autonomic Resources was to conceptualize, design, build, and accredit secure cloud solutions that facilitated the specific needs of Federal agencies through certifications based on the stringent Federal Risk and Authorization Management Program [FedRAMP] and Defense Information Systems Agency [DISA] standards. However, Autonomic Resources now has the unprecedented and remarkable capability to provide the FedRAMP cloud security boundaries for all Federal, state, and local government agencies, as well as the private sector – especially critical infrastructure industries such as energy, healthcare, insurance, legal, accounting, and financial.
We have separated this unique and unprecedented Federal cloud security activity into three key divisions:
- The ARC Oven
- FedCloud Express
- FedCloud Secure
The Autonomic Resources Cloud [ARC] Oven is our defining asset. It is, fundamentally, our research and development division which focuses on product development, accreditation, and launch.
At Autonomic Resources, we utilize the ARC Oven to identify, develop, accredit, and launch trusted cloud computing products and platforms for Federal government agencies and contractors. In addition to providing Autonomic Resources with the intellectual property crucial to its operation, the ARC Oven provides licenses and exclusivity agreements to various strategic, teaming, and corporate partners.
The ARC Oven is recognized in the Federal Cloud Ecosystem for our superior set of certified-secure cloud offerings. We have been awarded a FedRAMP Provisional Authority to Operate [ATO] as well as an ATO at Impact Levels 1 and 2 from DISA for both our government community and private IaaS offerings. The superior value of our ARC Oven is continuously validated through the on-going delivery of new, innovative FedRAMP and DISA certified-secure cloud platforms and services.
As our research and development division [and the primary generator of Autonomic Resources coveted intellectual property], the ARC Oven sets us apart from other CSPs through our responsiveness to emerging Federal Cloud requirements, as well as by our thoughtful architecture consideration and implementation of open standards. Our ARC Oven process is the only product development and launch capability developed with FedRAMP accreditation as the fundamental guidepost for all its cloud activities.
The ARC Oven has three main activities:
- FedRAMP ATO Our ARC Oven division develops, maintains, and enhances our Autonomic Resources Cloud Platform [ARC-P] which provides our critical FedRAMP IaaS Authority to Operate [ATO], as well as the Department of Defense’s DISA certification and all other necessary authorizations and certifications.
Our FedRAMP JAB Provisional ATO is for the most stringent form of FedRAMP accreditation based on NIST and FISMA standards. This comprehensive ATO facilitates all Federal Cloud teaming pursuits, and it is the foundation for all accredited security activity in the Federal Cloud. All enhanced capabilities refer back to this baseline, making us the leading and most agile Federal Cloud Service Provider for all teaming pursuits and agency specific requests.
Link to FedRAMP
- Cloud Compute Our ARC Oven division provides the actual cloud compute in our FedRAMP Authorized Secure Data Centers for all of our licensed partners. It is important to note that the FedRAMP security boundaries include the actual data centers that the compute activity resides. The FedRAMP continuous monitoring requirements for security boundaries are often confused as a firewall and intrusion detection type security presence rather than including the physical location, configuration management, access controls and disaster recovery policies which must also meet the stringent security standards demanded for a FedRAMP ATO.
Once a cloud solution is established as an authorized resource in our secure environment – it is unlikely to be re-engineered or moved – making our cloud offering very “sticky.” This makes our ARC Oven an extremely enduring long term resource for recurring revenue.
- Licensing Agreements Our ARC Oven division develops, negotiates, and maintains the licensing agreements with all of our various Federal Cloud Ecosystem partners, as well as all of the authorization and certification licensing agreements with our associated FedCloud Resources.
The ARC Oven division also promotes exclusive licensing arrangements with strategic suppliers and teaming partners through our Medallion and ARC-PE exclusivity and preferred supplier programs.
At FedCloud Express, we are the only cloud service provider offering an accelerated, secure, and agile accreditation consulting process for the Federal Cloud, and that is exactly what the Federal Cloud Initiative mandates.
Whether a cloud solution provider requires their Software as a Solution [SaaS] services to be FedRAMP accredited [in order to make their services available to Federal agencies], or a Federal agency requires a specific SaaS to be FedRAMP accredited, our FedCloud Express resource is there to facilitate and accelerate the actual FedRAMP authorization process for all of our clients.
FedCloud Express provides the re-platforming and the knitting together of new architecture for companies that require a FedRAMP ATO for their SaaS services. Once we successfully take a SaaS through the FedRAMP process, we continue to generate revenue from the consumption of our cloud services through our application partner’s SaaS compute activity in our cloud. And, once we are established as their CSP, clients become reliant on us for ongoing FedRAMP compliance services like managed support services and continuous FedRAMP security monitoring.
FedCloud Express provides four unique venues for FedRAMP authorization [all Powered by ARC-P].
- FedRAMP Joint Authorization Board [JAB] FedCloud Express offers an accelerated path to authorization through the JAB process. The FedRAMP Joint Authorization Board [JAB] approves eligible cloud solutions for processing and evaluation. This is the desired route for SaaS FedRAMP authorization. ARC-P was the first to receive the FedRAMP Authority to Operate through this process, and we are clearly the leader in this category.
There’s a long line …
- Federal Agency Sponsorship Because the Joint Authorization Board is backlogged, FedRAMP now allows Federal agencies to take desired cloud solutions through the FedRAMP certification process independent of the FedRAMP JAB. Agencies can now leverage the FedRAMP PMO process and the JAB-approved FedRAMP security authorization requirements and tools as a baseline when initiating, reviewing, granting and revoking security authorizations for cloud services.
At FedCloud Express, we are uniquely positioned to provide these Federal agencies [and their sponsored SaaS providers] with the efficacy necessary to successfully navigate the accreditation process. Currently, we are the only viable resource for agencies to utilize for this accelerated process that leverages control inheritance across our existing accredited platforms, and it is all powered by ARC-P.
- Teaming Partner Pursuits [Lead Resource in Award Capture] With FedCloud Express, we provide consultative cloud engineering and proposal response consulting for Federal Award Pursuits. Our deep involvement with FedRAMP and DISA as the only independent, service oriented CSP provides us with a framework for the creation of successful award pursuits in the new Federal Cloud Ecosystem [Amazon provides AWS pricing packages to multiple systems integration partners and provides no support or ongoing services]. Our work includes making the SaaS work in the ARC-P cloud and packaging it for FedRAMP.
As a key teaming partner, we are engaged to assist in systems architecture and design in order to guide our partners through the FedRAMP process for the award pursuit. Once we secure a Federal Award, we generate revenue from the consumption of our cloud services through direct task orders that must utilize our cloud [as per our teaming agreement].
- FedCloud Express App Builder [ARC-WRX] Our FedRAMP Authorized ARC-WRX accelerated application deployment program facilitates both the buildout of specific Federal agency desired SaaS solutions as well as the eventual creation of a FedRAMP Certified App Store operating within our FedRAMP security boundaries.
Our ARC-WRX PaaS trusted cartridges provide the environment to accelerate the building, certification, and deployment of secure Federal cloud applications. Product built in ARC-WRX is immediately ready for 3PAO and Federal Agency specific certification.
In addition to our FedRAMP Certified IaaS, our new FedRAMP Certified PaaS Platform [ARC-WRX] facilitates an accelerated build out for certifying desired SaaS solutions, advancing our well-earned reputation as the most responsive FedRAMP Cloud Service Provider.
Our forthcoming app store marketplace platform will handle complex billing relationships between users, service levels, billing intervals, free trials, one-time fees, introductory pricing, upgrades, and renewals. Additionally, the platform will empower customers to manage their own subscriptions and provision users on demand within their own cloud environments. FedCloud Express fully intends to provide the app store for the entire FedCloud Ecosystem, thereby disrupting and transforming the entire Federal Cloud supply chain.
Link to “First to DOD” article:
In addition to providing accelerated authorization for our clients through FedCloud Express, Autonomic Resources also provides the necessary and continuing services demanded by FedRAMP authorized activity through our FedCloud Secure division.
FedCloud Secure also provides the FedRAMP cloud security boundaries and consulting services for the private sector, especially critical infrastructure industries such as energy, healthcare, insurance, legal, accounting, and financial.
- Security Consulting Services
Our FedCloud Secure Security Consulting practice offers a wealth of experience across a variety of today’s top security challenges. Our certified consultants represent some of the top talent in the industry, and we pride ourselves on our ability to tackle security challenges of any size for Federal Agencies and Federal Government software suppliers.
We have the experience necessary to assist agencies and SaaS providers in the management of the comprehensive Federal Information Security Management Act [FISMA] and associated NIST-800 controls. We are also uniquely positioned to assist SaaS providers and agencies with the FedRAMP Security Package.
- Cloud Service Provider [CSP] Services
In essence, cloud computing delivers common ground among application developers, telecommunication providers, and hardware-software providers. This translates into a significant set of business requirements including: robust, high-performance networks; strong customer relationships; application delivery expertise; the continual infusion of innovation; customer self-service functionality; future customer needs predictions; and flexible, integrated Operations Support Systems [OSS] and Business Support Systems.
Autonomic Resources’ FedCloud Secure CSP consulting services provide our Federal Cloud customers with the expertise they need to plan, transition, implement, and manage systems in the new cloud integrated computing world.
- Real Time Compliance and Risk Management
FedCloud Secure has established FedRAMP authorized measures, metrics, status monitoring, and control assessment frequencies that alert users to changes in information system infrastructure and environments of operation. The system reports the status of security control effectiveness in a manner that supports continued operation within acceptable risk tolerances.
Our Continuous Monitoring as a Service [CMaaS] program collects the data required for the defined measures and features automated collection, analysis, and report generation. Our software analyzes the report results and provides remediation strategies based on test outcomes.
This continuous monitoring approach extends to clients and software providers operating in our ARC-P cloud, assuring the highest levels of security as required by FedRAMP and DISA. Our continuous monitoring approach makes security and accreditations real and on-going.
All of our FedCloud Secure services are becoming increasingly necessary [and desired] in the commercial market. We are prepared to facilitate any American based and owned company.
FedDROP delivers the most secure cloud storage.
FedDROP will provide premier secure file access, syncing, and sharing services that are both FedRAMP and DISA accredited for use by all Federal Government Agency employees. With this exclusive combination of certifications, FedDROP will be the only service of its kind available for immediate use by the Federal customer base. FedDROP will also meet the security requirements for all State and Local government users, expanding our total addressable market to 40 million+ potential users in the government space alone.
The commercial enterprise user offers a lucrative potential market as well, especially in critical infrastructure industries such as energy, healthcare, insurance, legal, accounting, and financial.
Although all of the traditional storage vendors are vying for increased market share across the entire government sector, no supplier has taken a FedRAMP first approach to the delivery of a simple secure cloud-based end-user file access, syncing, and sorting capability. Our unique certified cloud architectural design and go-to-market strategy will allow FedDROP to quickly capture market share and create a viral adoption rate among government and commercial enterprise users.
The unauthorized use of cloud-based file sharing services inside government agencies has become so significant that IT analysts have dubbed it the Dropbox problem. In a recent research report, Gartner warned, “consumer-grade file sync and share solutions are a risk to most organizations’ sensitive data.”
To be clear, the Dropbox problem is not isolated to one vendor. It is more broadly defined to mean the use of any cloud-based file sharing vendor that targets individuals [i.e., consumers and employees] with simple, inexpensive file sharing solutions. These services are seductively accessible – often free, and requiring only a name and email address – yet they are functional enough to cause irrecoverable security breaches when unknowingly misused by well-intentioned employees. FedDROP, however, combines the usability and productivity users demand with the power and flexibility government agencies and commercial enterprise users need to keep data access under control with FedRAMP accredited secure file sync and share.
FedDROP will provide our subscription users universal access to their files through a certified web interface. We will also provide them with a secure platform to easily view and sync contacts, calendars, and bookmarks across all of their devices, while enabling basic editing right on the web.
- Access Data Our users will be able to store their files, folders, contacts, photo galleries, calendars, and more on a server of their choosing. They will access their folders from their mobile device, desktop, or a web browser; enabling access to their data wherever they are, when they need it.
- Sync Data Our users will be able to keep their files, contacts, photo galleries, calendars, and more securely synchronized amongst their devices. One folder, two folders, and more – they will be able to get the most recent version of their files with the desktop and web client or mobile app of their choosing, at any time.
- Share Data A key feature of the FedDROP service is the ability of users to share selected files. FedDROP eliminates a common source of security breaches: well-intentioned employees that use non-secure third-party file sharing websites. File attachments that are too large for email can be shared easily via FedDROP, ensuring that sensitive files remain within a FedRAMP and DISA certified-secure environment. FedDROP provides employee ease-of-use while maintaining the security practices valued by government IT professionals.
FedDROP’s capabilities are delivered via a FedRAMP accredited ARC-WRX Trusted cartridge on the ARC-P IaaS cloud. FedDROP will be extendable via a simple but powerful API for applications and plugins. FedDROP is accredited by the FedRAMP JAB for general use among all civilian agencies and by DISA for use throughout the Department of Defense.
The fact of the matter is that we have a world-class cloud environment [ARC.P] that has a unique understanding of FedRAMP mission. ARC.P is almost limitless in its potential capacity, and it is virtually expandable and adaptable to almost any data center. Fortuitously, FedRAMP needs more data centers to successfully navigate the ATO process, and ARC Secure Data Centers provide a resourceful solution.
FedRAMP is authorizing us to decouple our FedRAMP IaaS ATO to serve as the foundation for the accelerated processing of any appropriately outfitted data center.
With FedRAMP’s endorsement, we will further facilitate the Federal Cloud mandate by taking qualified data centers through the authorization process. This authorization applies directly to physical data centers that FedCloud Express has authorized under our FedRAMP security boundary, and it will facilitate the resale of managed hosting and colocation under our FedRAMP accreditation.
ARC Secure Data Centers various client facilities will be authorized as the most secure data centers available for Federal government off-premise systems [and provide a segue to the commercial market, as well]. This means we can offer a security certification that trumps anything in the industry.
The Pivotal and Green Plumb resources from EMC can make this happen. We have the opportunity to provide the entire Fed space with certified product that delivers much-desired and secure Big Data Analytics. This is slated as a 2015 venture.