Press Release

Veris Group, LLC dba Coalfire Federal, Completes FedRAMP High JAB Assessment of Additional AWS GovCloud (US) Services

April 4, 2017

AWS CloudFormation, AWS Key Management Service, Amazon Glacier, Amazon Redshift, Amazon SQS, Amazon SNS, Amazon Simple Workflow, Amazon Elastic MapReduce and Amazon DynamoDB on AWS GovCloud (US) are approved for use by FedRAMP at the High categorization level

WESTMINSTER, CO – April 4, 2017 – Coalfire announces the completion of the independent assessment of additional services within the Amazon Web Services (AWS) GovCloud (US) under the Federal Risk and Authorization Management Program (FedRAMP). These services were all assessed at the FIPS 199 High security categorization level, which is the highest categorization level of FedRAMP. The services newly authorized under FedRAMP High in the AWS GovCloud (US) Region include database, storage, data warehouse, security and configuration automation solutions that will help AWS customers increase their ability to manage data in the cloud. The following services are now provisionally authorized within the AWS GovCloud (US) region:

  • AWS CloudFormation (CF)
  • AWS Key Management Service (KMS)
  • Amazon Glacier
  • Amazon Redshift
  • Amazon Simple Queue Service (SQS)
  • Amazon Simple Notification Service (SNS)
  • Amazon Simple Workflow Service (SWF)
  • Amazon Elastic MapReduce (EMR)
  • Amazon DynamoDB (DDB)

FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services. 

Acting as the FedRAMP third party assessment organization (3PAO) for AWS, Coalfire validated that these additional services met the FedRAMP security requirements for high impact level systems. The previous AWS GovCloud (US) ATOs issued by the FedRAMP JAB included: Simple Cloud Storage Service, Elastic Compute Cloud, Elastic Block Store, Identity and Access Management, Virtual Private Cloud, CloudTrail, CloudWatch Logs and Relational Database Service [Oracle, MySQL, Postgres]. More information on the approval of these AWS services can be found on the AWS Security Blog

“With this provisional authorization, AWS has greatly increased their FedRAMP High authorized services. Some of these services, like Key Management Service, are widely used by Government Agencies and existing AWS Partner Network (APN) members. This authorization paves the way for agencies and partners to use these services knowing that they have been independently tested and validated,” said Michael Carter, VP, FedRAMP & Assessment Services at Coalfire. 

Cloud service providers preparing for the FedRAMP process with another 3PAO or considering FedRAMP should contact Coalfire to provide an independent review of their readiness or progress towards FedRAMP. Coalfire is the leading FedRAMP 3PAO completing more than 70 FedRAMP assessments resulting in JAB Provisional and Agency ATOs for cloud service organizations.

About Coalfire

Coalfire is the trusted leader in cybersecurity risk management and compliance services. Coalfire integrates advisory and technical assessments and recommendations to the corporate directors, executives, boards, and IT organizations for global brands and organizations in the technology, cloud, healthcare, retail, payments, and financial industries. Coalfire’s approach addresses each businesses’ specific vulnerability challenges, developing a long-term strategy to prevent security breaches and data theft. Coalfire has offices throughout the United States and Europe.