Federalist and Compliance
Articles,  Blog

Federalist and Compliance

of course so let’s now talk about
compliance into a time check we’re doing just fine timelines okay so there’s two
things that Federalist has for compliance and I’m speaking here
specifically to give you especially folks on line in the room tools that you
can use with your security team and oh I should have repeated a question that’s a
good call so the question that Catherine no that Margo asked was can you repeat
the question one more time so I didn’t do that oh yeah is our the web design
standards like bootstrap and bootstrap being a tool for starting up websites
pretty easily thank you for the reminder Jeremy okay so let’s say that you want
to use Federalists and now you have someone from your internal IT shop
that’s like what is this thing where did it come from
who are you you know that kind of thing here’s the toy that you need to answer
it there’s two pieces remember how I talked in the first and that first slide
about the infrastructure in the platform well Federalist itself is supported by
infrastructure and platform it’s not running on a data center it’s running
inside in Amazon Web Services data center or set of data centers that are
all working together via however they run their backend Amazon Web Services
that’s provides all of the servers and infrastructure and management of the
hardware and we use a few different services that they use the first one is
called s3 that stands for secure scalable storage and it’s their back-end
hosting service and then we use their content delivery network called cloud
front and we use HTTP that work in that that builds into the Amazon CloudFront
the important thing for your security folks to know is that this it has a
FedRAMP PA tio for those that don’t know what FedRAMP is that ramp is a program
where DoD DHS and GSA combined authorize a system and therefore make it pretty
easy to use and leverage and Federalist is just sitting on top of the work that
Amazon already did admit to be secure however it’s not inevitable that we’re
always going to be hosted on Amazon the stuff that runs federalists could also
be hosted on other infrastructures we’ve just done one so far in a you know time
saving time saving time saving and efficiency move the other piece here is
cloud gov a platform as a service if you don’t know about cloud backup I’d
suggest you go to cloud back tough but cloud Agathe is a
platform that’s built on top of Amazon Web Services that does the vast majority
of the things that we need for an ATO so it all remember that giant one list of
white compliance and security requirements in the top end cloud bag of
is handling most of those for me Federalist is only responsible for a
small portion of them and I’m really thankful to the cloud backups program
and all the people running it because they make it possible for Federals to do
what it does on top of these things Federalist has done the work
individually as I awake my computer backup to get an authority to operate
from GSA that’s leveraging the FedRAMP certification of AWS and of cloud gov so
Federalist has an authority to operate and it’s our view that you can use
Federalists as long as your agency is willing to trust the ATO the GSA is
granted that ATO is not very complicated mostly what it’s doing is thing we’re
using different parts of cloud gov to work together and if you’re furious on
the technical back-end I don’t cover it in this presentation but you can go to
Federalist – Doc’s at 18f gov or if you go to Federalist 18 F gov you can go to
the documentation page linked at the top and you can look at the how Federalist
works screen it’ll show you a diagram of all the pieces there but basically we’re
using a bunch of stuff from cloud bag of and GSA has allowed us to ATO how
they’re all assembled together to work together to build out your site

Leave a Reply

Your email address will not be published. Required fields are marked *