FedRAMP High Cloud Architecture Platform

Customer’s business model is to sell their products such as SDWAN, 5G, and Unified communications to Federal and state agencies by offering the solution as an PaaS/SaaS with end-to-end managed services using public cloud infrastructure. This requires them to be compliant with FedRAMP standards and be listed in the FedRAMP marketplace. Customer was looking for a scalable solution that enables them to achieve FedRAMP High accreditation and accelerate the ATO process within a stringent timelines of less than 11 months.

Hitachi Digital Services designed and implemented a compliance platform in the public cloud to support both PaaS & SaaS based model with all the security controls required for FedRAMP High compliance. The platform provides a highly scalable and resilient environment to host multiple products and applications across a multi-tenant architecture.

• Deployed a highly secured landing zone in AWS gov cloud aligning to SCCA architecture and DoD SRG in 11 months.
• Complete platform deployed through Gitlab pipeline using TF automation scripts and Ansible playbooks.
• All applications, tools and services hardened to meet NIST 800-53 r5, STIG and FIPS 140-2 standards.
• Accelerated ATO process by taking a security-by-design approach & compliance automation through OSCAL and ServiceNow GRC.
• 15+ industry leading tools hosted within the platform to provide a robust security and compliance management.
• Created new processes and workflow automation through Okta, CyberArk and ServiceNow integration.
• Implemented ZT architecture principles and a multi-level defense strategy using Mulesoft API gateway as a Policy Enforcement Point (PEP).