As compliance on AWS continues to evolve and we all work to make it more actionable and consumable, Barracuda is excited to work with AWS on Authority To Operate (ATO) set of compliance controls. Barracuda is one of only a few inaugural AWS Technology Partners included in the ATO on AWS program. This is a new program that was announced at the AWS Public Sector Summit earlier this month.
What is Authority to Operate (ATO)?
ATO is one of those giant, nightmarish accreditation things which certain Federal agencies require for any solutions they leverage. In simple terms, ATO represents the formal authorization to operate a certain business product in a federal agency. This authorization is given after the Designated Approving Authority (DAA) for that agency has certified that the business product in question has met the requirements for operation. The ATO process used to represent 16-24 months of grueling reports, audits, and validations, as well as several meetings with various Federal authorities. ATOs are granted on a per-agency basis, so you can imagine how time-consuming this has been for the agencies that operate under these rules.
ATO is one of two types of FedRAMP authorizations for cloud services. These authorizations provide a framework that ensures the security of federal data in cloud environments.
AWS (Amazon Web Services) is FedRAMP certified and has built a federal cloud business that dwarfs all others. Working with ATO authorities and other agencies, AWS was able to identify resources, strategies, and ISVs who can help streamline the Authority to Operate process. With AWS and an authorized partner, agencies can push through the ATO accreditation process in six months or less. That’s a lot of time and money that can be taken from compliance management and put back into the core business of the agency.
In the referenced blog https://aws.amazon.com/blogs/apn/authority-to-operate-on-aws-helps-public-sector-partners-accelerate-security-and-compliance-for-customers/ they callout the 24 inaugural ISV partners included in the AWS on ATO Program – including Barracuda.
Barracuda is an AWS Advanced Technology Partner (highest level) and the only AWS security partners with two products validated with the AWS Partner Competency Certification, which means we have demonstrated our expertise, suitability, and capability in helping customers achieve and maintain regulatory compliance requirements with AWS. We have two AWS security competencies plus a new SaaS security solution that leverages the AWS Security Hub that was launched this week at AWS re:Inforce 2019.
Being a top tier APN Technology Partner means that our products meet the AWS advanced criteria and provide customers with a truly easy-to-use and powerful solution in the AWS Cloud. Being included in the ATO on AWS program is validation from a market leader that security is no longer just about keeping organizations safe from attacks and threats. Modern security is also about understanding how being compliant with security best practices is almost as important – get secure and stay secure.
Barracuda Products for Amazon Web Services
The cloud can be made even more secure than your on-premises environment, but only if you choose the right products to enhance your basic AWS infrastructure. Get started here.
Rich is the Director of Public Cloud Product Marketing at Barracuda. He joined the team as part of the acquisition of C2C Systems in 2014. Rich is one of Barracuda’s public cloud experts – he works directly with the cloud ecosystems and has been quoted in eBooks from Microsoft on public cloud security. He is also a frequent contributor to Barracuda’s own cloud blogs. For our cloud motions, he helps develop strategies and execution with our partners and sales teams.
You can email Rich at email@example.com.