Case Study

Scale AI Achieves FedRAMP® Ready Status in Less than 90 Days

March 8, 2023
Blog Images 2023 cs Scale AI 814x460 1

To diversify and augment a competitive advantage into new markets, Scale AI’s executive team seized the opportunity to expand the company’s cloud services to government agencies. The artificial intelligence (AI) data platform and machine learning (ML) company decided to pursue FedRAMP® authorization but needed help navigating the complex FedRAMP requirements to quickly achieve Authority to Operate (ATO).

CHALLENGE

“We were approached by the federal government to work on some mission-critical AI/ML initiatives; to take advantage of the moment, we couldn’t afford the typical 18-month FedRAMP authorization timeline. Working with Coalfire and AWS, we achieved FedRAMP authorization with lightning speed, hired more salespeople, and started onboarding new clients faster than we ever thought possible.”

– ALEX LEVINSON, HEAD OF SECURITY, SCALE AI 

Cloud services with AI/ML functionality are in high demand within the federal marketplace, and Scale’s platform was ideal for government agencies seeking to leverage these new computing methodologies. However, attaining FedRAMP ATO is an expensive, time-consuming process, and the company’s engineering resources were already spread thin serving existing clients.

Scale was under intense pressure to gain first-to-market advantage. Competitive risk was too high and the timing too critical to risk delays for a formal request for proposal (RFP) process.

APPROACH

With big contracts at stake, Scale hired Coalfire, the leading FedRAMP advisor and Third Party Assessment Organization (3PAO). Coalfire has brought more than 1,200 organizations and cloud service providers to audit-ready status affordably and in record time and has experience with 70% of all new FedRAMP ATOs.

Because Scale’s offerings had to be optimized and scalable given the controlled and classified nature of the services delivered to essential government agencies, the company tapped Amazon Web Services (AWS). AWS has a wide range of FedRAMP High and DoD IL5 compliant services and a strong, existing working relationship with Coalfire.

Scale employed these AWS services: Amazon Elastic Container Registry, Systems Manager, Amazon ElastiCache, Amazon EC2, AWS Key Management System, AWS Virtual Private Cloud (VPC), Amazon DynamoDB, Amazon Relational Database Service, Amazon Route 53, Amazon CloudWatch, AWS Lambda, AWS Step Functions, Amazon S3, AWS Secrets Manager, Amazon Athena, AWS WAF, Amazon Simple Queue Service, Amazon Simple Notification Service, AWS CloudTrail, AWS Identity and Access Management, AWS CodeCommit, and Amazon EventBridge.

Scale wanted support throughout the FedRAMP journey, including advisory, migration, and ongoing system management. Coalfire’s FastRAMP 360 solution was the perfect fit, as its comprehensive approach to a smarter, faster, and simplified FedRAMP journey could give Scale that valuable first-to-market advantage by delivering the AI/ML functionality the federal government critically needs.

Advise

Coalfire began by understanding Scale’s goals and then helped define Scale’s strategy, investment needs, and anticipated ROI, which secured internal buy-in. After helping Scale understand the FedRAMP and agency sponsorship process, Coalfire developed a comprehensive business strategy for moving forward.

Migrate

Efficiencies from the AWS FedRAMP-ready cloud platform and Coalfire’s Accelerated Cloud Engineering (ACE) methodology and Cloud Managed Services (CMS) team enabled Scale to establish FedRAMP auditreadiness with unprecedented speed.

ACE simplifies the compliance process by utilizing pre-engineered, automated modules to develop secure, audit-ready cloud environments in as few as 60 days and at up to 80% less cost than the average operational expense. As part of Scale’s team, Coalfire’s CMS advisors and assessors helped Scale architect, operate, and remain compliant with the FedRAMP framework.

Operate

Coalfire’s CMS team continues to support Scale by conducting required compliance- and patching-related activities to ensure ongoing availability and compliance with the system.

RESULTS

With help from Coalfire and AWS, Scale achieved FedRAMP audit-ready status in less than 90 days, with more than 50% OpEx savings. The traditional approach takes more than 18 months, which, for Scale, would have meant lost revenue opportunities and delayed time to market.

With continuous monitoring from Coalfire CMS, Scale overcame staffing and engineering issues and can now focus intently on selling to the federal government and acquiring new clients.

Now able to work within classified environments, Scale has won some of the largest contracts in its history, including a $100 million engagement with the Army Research Lab. By handling infrastructure, computing, and storage costs with full FedRAMP assurance, Scale offers current and prospective government agency clients cost savings and opportunities for innovation.

“FedRAMP authorization gives us tremendous business growth opportunities,” said Levinson. “We’ve made massive gains managing vulnerabilities across our platform. Building ML models and AI capabilities in these environments remains labor-intensive, time-consuming, and computationally expensive. However, Coalfire’s CMS team has our back, and AWS provides secure, reliable scalability when we spin programs up to the cloud. As a result, we’ve helped our government clients do more within their budgets and operate more like nimble Silicon Valley R&D companies by increasing the speed and results of their experimentation.”