You are viewing limited content. For full access, please sign in.

Question

Question

Status of LF Cloud compliance with Impact Level 5 (IL5) DoD guidelines?

Laserfiche Cloud
Updated March 18
asked on October 20, 2020

Is there anything in the works to certify Laserfiche Cloud to be compliant with the Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG)?  I have a large Army client asking as they are considering possible expansion of their existing on-premises installation. 

Here is a statement about the compatible Microsoft products:  "DISA Cloud Service Support has granted a DoD Impact Level 5 PA for Microsoft Azure Government for DoD.  DISA has also granted Office 365 U.S. Government Defense a DoD Impact Level 5 PA. Impact Level 5 covers Controlled Unclassified Information (CUI) deemed by law, other government regulations, or the agency that owns the information and needs a higher level of protection than Level 4 provides. It also covers unclassified National Security Systems.

See further information explaining IL5:  https://docs.microsoft.com/en-us/microsoft-365/compliance/offering-dod-disa-l2-l4-l5?view=o365-worldwide

Thank you for any information on this issue. 

0 0

Answer

APPROVED ANSWER
replied on October 21, 2020 Show version history

Update March 18, 2025:

Laserfiche is pursuing GovRAMP/FedRAMP Moderate authorizations for Laserfiche Cloud only in AWS Commercial regions. There are no plans for a separate Laserfiche Cloud deployment in AWS GovCloud at this time.

The previous guidance that customers with IL 3-5 workloads self-host Laserfiche in AWS GovCloud, Azure Government, or other data center environment with an authorization for the necessary Impact Level still holds.

--------------

Hi Bruce,

Laserfiche Cloud is hosted in Amazon Web Services (AWS) regions with DISA Impact Level (IL) 2 Provisional Authorization (PA). The AWS GovCloud regions have Impact Level 2-5 PAs. See: AWS DoD SRG Compliance.

While we are exploring bringing Laserfiche Cloud to AWS GovCloud to address the needs of government customers with IL 3-5 workloads, that deployment is not on the short-term roadmap.

At this time we recommend customers with IL 3-5 workloads self-host Laserfiche in AWS GovCloud, Azure Government, or other data center environment with a PA for the necessary Impact Level.

1 0
replied on October 21, 2020

Excellent info, Samuel ! I appreciate the recommendations !!

1 0

Replies

You are not allowed to reply in this post.
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...