AMERICAN SYSTEMS’ Cloud Computing services provide a vendor-neutral enterprise approach to planning, migrating, and operating mission critical applications and infrastructure within the cloud. These services are designed to help the DoD, Intelligence Community, and other government agencies make the right decisions for leveraging cloud computing. Not all applications and systems are right for the cloud. Many factors need to be evaluated in order to determine the best strategy for moving operations to the cloud. The ultimate goal is to ensure your cloud investment can be justified by an overall reduction in operational and support costs while at the same time maintaining security, performance, and availability.
Three Cloud Computing services are offered:
Cloud Computing Implementation Consulting
Using our five-stage process, we will analyze your mission objectives, existing architecture, and computing infrastructure in order to determine exactly which systems are best suited for the Cloud. The cloud architecture must be properly designed and optimized in order to derive the full strategic benefit. We will provide a detailed analysis of the design, predicted cost savings, overall performance, security, risks, and availability of the Cloud solution. The outcome will be a successful cloud computing solution executed by experienced AMERICAN SYSTEMS technical experts.
Cloud Computing Solution Integration Services
AMERICAN SYSTEMS provides turn-key systems that incorporate cloud computing as a component of the IT overall solution. This service is a good fit for agencies that are developing new applications, expanding mobile device access to information systems, integrating legacy IT systems, and securing their infrastructure. AMERICAN SYSTEMS has extensive experience in software development, identity management & PKI, database migration, Information Assurance (IA), systems engineering, computer networking, and 7x24x365 help desk support. The value added services transforms the Software as a Solution (SaaS), Platform as a Solution (PaaS), or Infrastructure as a Solution (IaaS) cloud design into a highly scalable and reliable information system. All system designs can be implemented in a private, public, hybrid, or community environment.
Cloud Computing Security Audit Services
A key concern for many organizations moving into the cloud is security. AMERICAN SYSTEMS cloud computing security audit service is designed to assess the client’s current security posture within the cloud both from a technical and process standpoint. AMERICAN SYSTEMS engineers will perform DIACAP and FISMA certification of the computing environment. Our engineers have extensive experience performing FISMA and DIACAP 8510.01 C&A services for MAC Level I, II and III systems. We will validate the sites’ security control implementation and its ability to maintain an acceptable IT security posture.
We perform identification, verification, and remediation of all DODI 8500.2 controls and generation of DIACAP artifacts. All required activities will be performed under guidance of the Government Information Assurance Manager (IAM) and Information Assurance Officer (IAO). We will also coordinate with the government’s Designated Accreditation Authority (DAA) who is responsible for granting an Authority to Operate (ATO) for the system. We provide remediation advice for any deficiencies discovered during the audit and will ensure that you understand their overall context within the framework of web application security.
In the future, the government will leverage FedRAMP (The Federal Risk and Authorization Management Program) authorizations in order to provide a standard approach to Assessing and Authorizing (A&A) cloud computing services and products. Although FEDRAMP will provide significant savings toward security certification, agencies will still need services for security risk management and privacy activities related to agency-specific usage of the information systems. AMERICAN SYSTEMS can provide the security audit, risk management, and continuous monitoring to cloud providers or as an independent third party auditor.