Oracle Cloud Infrastructure (OCI) has introduced a new Secure Cloud Computing Architecture (SCCA) for the U.S. Department of Defense (DoD).
The solution helps make security compliance and cloud adoption for mission-critical workloads easier, faster, and more cost effective by using a framework of cloud native services.
SCCA is a DoD security framework designed to provide a standard approach for boundary and application-level security for the Defense Information Systems Agency (DISA) Impact Level 4 and 5 data hosted in commercial cloud environments. Historically, SCCA compliance has required significant investment from DoD mission owners in the form of independent development efforts and third-party software licensing. The cost and time result in a significant challenge during cloud migrations.
Oracle Cloud Native SCCA Landing Zone provides a framework for securely running DoD mission workloads and storing Impact Level 2, 4, and 5 data in OCI government regions. The automation provided by the solution enables DoD mission owners to establish a compliant security architecture in just a few hours or days, instead of months. It uses cloud native infrastructure services, significantly accelerating the time to deployment of mission critical workloads by reducing architecture time and minimizing decision points.
“Oracle Cloud Native SCCA Landing Zone is a game changer for our customers. What we are doing is fundamentally different,”said Rand Waldron, VP, OCI Global Government Sector. “We will deliver all the capabilities necessary for SCCA completely in native OCI services. Our customers will no longer have to manage multiple licenses, multiple vendor relationships, or multiple kinds of security configurations. Our SCCA solution will provide everything the customer needs to stand up an SCCA-compliant workload in the cloud.”.
Simplifying and accelerating DoD security compliance
The Oracle Cloud Native SCCA Landing Zone includes baseline configurations, rules, and templates that meet DISA Impact Level 2, 4 and 5 accreditation requirements. This is delivered using a standardized Infrastructure-as-Code (IAC) template that meets a set of SCCA controls in a simplified and repeatable way.
Based on Terraform, OCI Landing Zones allow OCI customers to perform one click, best-practice deployments of multiple Oracle services at once. Customers can launch the templates from the Cloud Native SCCA Landing Zone, answer a few simple questions about their configuration, and have an architecture set up same day.
The solution also addresses the four primary technical components of the SCCA framework; Cloud Access Point (CAP), Virtual Data Center Security Stack (VDSS), Virtual Data Center Management Service (VDMS), and Trusted Cloud Credential Manager (TCCM). Customers who deploy the secure baseline using the Cloud Native SCCA Landing Zone are provided with an architecture guide, implementation guide, requirements checklist, reference architecture, and best practices to accelerate the accreditation of their application on OCI.
Security, compliance, and consistent high performance
The Oracle Cloud Native SCCA Landing Zone script and associated technical documentation are provided at no separate or additional charge under a customer’s contract. Underlying consumable cloud services used to stand up Oracle Cloud Native SCCA in a customer’s tenancy may be billable in accordance with the customer’s contract. Oracle Cloud for DoD services are priced at the same, consistent global pricing as Oracle’s commercial public cloud regions and meet DISA Impact Levels 2, 4, and 5 and FedRAMP+ authorization standards.
Commercial customers can also take advantage of the automated security posture outlined above. All OCI customers can leverage custom security zones with the SCCA and other OCI Landing Zones that allow organizations to apply security policies and prevent changes that could weaken a customer’s security configuration quickly and easily.