Written by Leo Taddeo – CISO and President, Cyxtera Federal Group on January 27, 2020
A Commitment to Building Security into the Fabric of Our Products
We all know that meeting a security compliance standard does not make a product secure. After building the CXD Federal Edition platform to meet FedRAMP High standards, I’m not so sure that adage is true. Most security frameworks take a “check the box” approach that fails to match the security controls to the level of the impact that would result from a breach. The FedRAMP High standards are different; these controls these controls take a risk-based approach that is designed to protect the government’s most sensitive, unclassified data in cloud computing environments, including data that involves the protection of life and financial ruin.
The journey to Cloud Smart
The 2019 Federal Cloud Computing Strategy (“Cloud Smart”) is the first update to the government’s cloud strategy in seven years. This high-level strategy is intended to drive cloud adoption in federal agencies by encouraging them to focus on applications rather than infrastructure alone in their data center optimization efforts. This will require them to modernize legacy applications using APIs, microservices, and cloud computing. Cyxtera Federal Group helps agencies meet these goals by providing highly secure, cloud-like solutions to enable cost-cutting technologies such as virtualization, containerization, hyper-converged infrastructure (HCI), software-defined infrastructure (SDI), and automated infrastructure management. Security is the key to helping agencies adopt these technologies and drive to the cloud.
Why go through the pain of meeting the FedRAMP High standard?
When the engineers at Cyxtera set out to build a flexible cloud-like platform for our colocation customers, the company’s heritage as a secure infrastructure provider dictated that security be at the top of the list of requirements. The rigor, redundancy, and integration of the FedRAMP High standards were the natural choice. Sure, we had to take extra steps to satisfy the standard, but the overall security value is well worth it.
It wasn’t easy
CXD is designed to meet a broad range of workload needs. In order to meet FedRAMP High Impact level standards, our security teams instituted redundant and overlapping controls. These include higher security organizational and service standards, such as enhanced monitoring capabilities and reduced detection and response times. We also deploy enhanced security infrastructure, including SIEM, IDS, DNS traffic inspection, HIPS, and host-based vulnerability detection. As if these controls aren’t enough, we also deployed malicious code execution protection, anomalous behavior detection, and anomalous conﬁguration detection. Each of these tools are hardened to meet the same FedRAMP High Impact Level standards.
A secure alternative to public cloud
Cloud computing and hyper-converged infrastructure (HCI) rank in the top four of I.T. priorities for federal organizations. As the threat environment becomes more complex, public cloud is not the answer for most sensitive workloads. With the FedRAMP High security standard in place, agencies can take advantage of CXD Federal Edition to obtain the control, cost-savings and security of dedicated infrastructure with the provisioning speed, financial advantages and agility of cloud. Learn more here.