Approximately four years ago, Telos began working with AWS to enable Xacta to both integrate with and run on the AWS cloud. About two years after that, understanding how difficult the FedRAMP process can be, we launched an effort to greatly reduce the barrier to entry for organizations wishing to sell quality software as a service (SaaS) to the federal government.
We then built Xacta 360 FedRAMP, an application to assist customers in understanding, documenting and automating their way through FedRAMP. We were quickly approached by representatives at Rackspace, who were very interested in using Xacta to build and maintain compliance evidence. They too had significant interest in helping organizations obtain and maintain FedRAMP authorization. Essentially, we were kindred spirits.
What ensued over the course of the last two years has been a great partnership between Rackspace and Telos. Rackspace Government Solutions wholly bought into the overwhelming value of our approach to controls inheritance, and created the Rackspace Inheritable Security Controls (RISC) program, powered by Xacta. As a result, Rackspace customers who use RISC get access to Xacta 360 to help document their portion of FedRAMP requirements and are able to inherit all shared and fully implemented controls provided by Rackspace as a function of being their MSSP. Additionally, those customers also get access to recommended controls implementation (RCI), which explains in detail what configurations or functions they need to enable or document in order to meet the customer’s portion of the shared information assurance controls.
While this alone is impressive, Rackspace last week announced it had obtained FedRAMP Moderate authorization for its services on AWS. For organizations that have AWS subject matter expertise, but do not want to manage the day-to-day operations of their solution, taking advantage of Rackspace, AWS, and Telos can amount to a reduction of over 80% of the FedRAMP effort.
I have personally been working with Rackspace Government Solutions for two years, and can attest to their exemplary ability to help organizations maintain a good security posture by providing outstanding tools and services. We’re excited to be partnered with them to bring about real value for FedRAMP customers.
The Empower and Protect Blog brings you cybersecurity and information technology insights from top industry experts at Telos.