For Official Use Only
Cloud infrastructure built to federal spec
U.S. government agencies have demanding requirements for their cloud infrastructure: Servers, data center facilities, and networks must adhere to strong regulations. Off-premises cloud services need to connect seamlessly and privately to on-premises computing resources. And cloud servers must deliver peak performance for data-intensive, mission-critical workloads.
DWTI provides cloud infrastructure designed to meet these unique requirements, delivering all of the advantages of the DWTI platform with compliance to government requirements. Deploy bare metal servers, virtual servers, storage, and more, all with on-demand deployment and full visibility and access for the best cloud performance, scalability, and control, and the security required.
DWTI data centers reserved for government workloads will be certified for FedRAMP and FISMA compliance. These facilities are isolated from DWTI’s general data centers and connected by an independent high-speed private network.
FISMA and FedRAMP Standards
DWTI data centers are built to meet the privacy and security controls required in the FedRAMP and FISMA standards (certification pending for data centers reserved for government workloads). Additionally, we provide SOC 2, Type II reports for all customers who need detail about our controls for other certifications, such as PCI-DSS and HIPAA compliance.
Automated Control
Manage every aspect of your cloud infrastructure via API or portal: Provision servers, configure services, upgrade and reboot devices, and monitor resource usage and performance. Control access to your server across our secure private network, and log all administration actions for your account users.
Flexible Performance
Deploy just about anything your application requires, right when you need it—from big data solutions and full private clouds on bare metal servers to scalable application tiers on virtual servers. On the DWTI platform, you’re able to seamlessly integrate virtual, bare metal, storage, security, and networking services, and scale your infrastructure on-demand.
Locations & Standards
Our DAL08 and WDC03 data centers are built to FISMA and FedRAMP specifications and are reserved for government workloads pending their FedRAMP and FISMA compliance certification. These highly secure data centers have a shared capacity for 30,000 servers and are connected to each other through a private network separate from the larger DWTI platform.
Compliance
Built to perform. Made to comply
DWTI data centers for government workloads were designed and built to meet the strictest standards of the U.S. government. We’ve employed the security and privacy controls defined by NIST SP 800-53, and all DWTI data centers for government use meet FedRAMP and FISMA compliance standards and are audited regularly in our SOC 2, Type II reports.
DWTI helps customers seeking HIPAA and PCI-DSS compliance by providing and meeting the necessary infrastructure-related controls for those certifications. These physical and network controls are enhanced with additional security features such as multi-factor authentication, hardware and software firewalls, vulnerability scans, anti-virus and anti-spyware protection, host-based intrusion detection, virtual private networks (IPSEC and VPN SSL), and SSL certificates.
FedRAMP
FedRAMP (the Federal Risk and Authorization Management Program) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring of cloud products and services. FedRAMP authorizes cloud systems with a three-step process that includes security assessment, leveraging and authorization, and ongoing assessment and authorization. All DWTI data centers are built to FedRAMP standards. Data centers reserved for government workloads have FedRAMP certification pending.
FISMA
The Federal Information Security Management Act of 2002 (FISMA) was created to ensure the security of data in the federal government. The act requires program officials and agency heads to conduct annual reviews of information security programs, with the intent of keeping risks at or below specified acceptable levels in a cost-effective, timely and efficient manner. All DWTI data centers are built to FISMA standards. Data centers reserved for government workloads have FISMA certification pending.
SOC Reports
DWTI provides SOC 1, SOC 2 and SOC 3 reports. These reports evaluate DWTI’s operational controls with respect to criteria set by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. The Trust Services Principles define adequate control systems and establish industry standards for services providers such as DWTI to safeguard their customers’ data and information. Customers may download the current DWTI SOC 1 and SOC 2 reports from the customer portal or contact our sales team. Our SOC 3 report is available for general use and can be accessed here: DWTI SOC 3 Report.
Safe Harbor
Safe Harbor is an important way for U.S. companies to avoid experiencing interruptions in their business dealings with the EU or facing prosecution by European authorities under European privacy laws. Certifying to the safe harbor will assure that EU organizations know that your company provides “adequate” privacy protection, as defined by the Directive.
Cloud Security Alliance – STAR Registrant
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within cloud computing. One of the mechanisms the Cloud Security Alliance uses in pursuit of its mission is the Security, Trust, and Assurance Registry (STAR)—a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings.
PCI Compliance
If you store or process credit card data, then PCI Compliance and network security are of primary concern to your business. To ensure consistent standards for merchants, the Payment Card Industry Security Standards Council established Payment Card Industry (PCI) data security standards. These standards incorporate best practices to protect cardholder data, and they often require validation from a third-party Qualified Service Assessor (QSA). We help our customers supplement their internal security controls to meet PCI compliance by assisting with 3rd party auditor security walkthroughs and providing proof of physical and environmental controls while maintaining strict information security policies.
HIPAA Compliance
The U.S. Health Insurance Portability and Accountability Act requires specific security controls for businesses that store or process protected health information online. The DWTI cloud platform meets all of the necessary requirements for HIPAA on the data center/service provider side. For more information about and assistance to achieve, certify, and maintain HIPAA compliance for your DWTI environment, please contact our sales team.
Full support anytime
Assistance, advice, and expertise
Our services are a fusion of the most powerful infrastructure and a top team of experts. This is why we can boldly offer technical support at any time, regardless of time zones or holidays.
