For US government organizations and their supporting companies, Oracle Cloud Infrastructure (OCI) has expanded its list of authorized services. With new DISA IL5 and FedRAMP High approvals, Oracle US Government Cloud and Oracle US Defense Cloud customers can move faster, modernize securely, and boost productivity with proven, compliant capabilities. These newly approved services include OCI Generative AI, Exadata Cloud@Customer, MySQL HeatWave, OCI Cache, Virtual Desktop, Document Understanding, Oracle Access Governance, Exadata Fleet Update, Compliance Documents, and Full Stack Disaster Recovery.

“Oracle always brings our most powerful technology to government customers. OCI GenAI brings the latest models in a managed service that is easy to use and integrate, and Exadata Cloud@Customer extends our mission-critical database cloud services into our customer’s most important locations. Agencies win, and citizens are better served, with Oracle.” said Rand Waldron, vice president, Oracle.

Providing increased performance and ease of use

The newly approved services join our portfolio of DISA- and FedRAMP-authorized Oracle offerings. The following services are now authorized at DISA Impact Level (IL) 5 in Oracle US Defense Cloud and at FedRAMP High impact level in Oracle US Government Cloud:

  • OCI Generative AI is a fully managed service that provides access to leading-edge AI large language models (LLMs), helping customers automate tasks without the need for reengineering. OCI Generative AI empowers customers to:
    • Boost productivity and efficiency through task automation, reducing time, cost, and resource demandsInterpret government policy and effectively apply it to areas such as benefits administration, code enforcement, and other regulatory challengesAutomate data interpretation and reporting by processing large volumes of data, identifying patterns, and summarizing key findings
    • Support citizens and employees through communication with AI-powered chatbots, virtual assistants, and automated response systems
  • Exadata Cloud@Customer delivers full-featured Oracle database in the customer’s data center.
    • When agencies need FedRAMP or DISA IL5 compliance and prefer to keep databases in their own data centers, Exadata Cloud@Customer provides enhanced physical control of data and infrastructure alongside existing stacks.
  • MySQL HeatWave is a fully managed MySQL Enterprise Edition database service architected for massive performance to efficiently run transactions, real-time analytics across data warehouses and data lakes, and automated generative AI and ML. The service overcomes the limitations of traditional data warehouse environments that use periodic long-running extract, transform, load (ETL) batch jobs to refresh the data. Customers can achieve 99.99% uptime and reduce their operational burden with fully automated provisioning, scaling, patching, backups, and recovery.
  • OCI Cache provides fully managed Valkey and Redis service built for scalability and availability to deliver submillisecond latency. OCI Cache can propel web applications and real-time analytics with a simple and flexible interface while maintaining a fully open architecture.
  • Virtual Desktop allows users to securely deploy Linux or Microsoft Windows desktops accessible by users anywhere, providing standardization, administrative control, and simplified support with compelling cost advantages. Virtual Desktop offers a spectrum of flexible shapes that supports evolving compliance objectives.
  • Document Understanding is an AI service that uses prebuilt models to automate extraction of text, tables, and key data from document files. Document Understanding offers a cost-effective method to support business processes associated with accounts payable, expensing, and content management.
  • Access Governance provides policy-driven access provisioning across applications, clouds, machines, and databases—reducing IT tickets, increasing security, and decreasing administrative overhead. Access Governance enables easy discovery and monitoring of accounts, identities, policies, and permissions. It also uses AI to learn patterns and anomalies, while automating access control and provisioning processes.
  • Exadata Fleet Update automates database fleet updates and orchestrates updates across the stack, minimizing maintenance windows without the need for custom development.
  • Compliance Documents allows for quick and easy access to attestations, audit reports, bridge letters, and certificates directly from the cloud console, API, or command line interface (CLI).
  • Full Stack Disaster Recovery automates recovery of business systems without the need to redesign or rearchitect existing infrastructure, databases, or applications. Customers can simplify their disaster recovery strategy and implementation, minimize risk, and allow testing and simulation of disaster recovery activities.

To attain these approved services, Oracle utilized a FedRAMP-recognized third-party assessment organization (3PAO). The service offerings were then reviewed by technical representatives from DISA for IL5 provisional authorization, and by FedRAMP for approval within OCI’s FedRAMP Authorized (High) offering.

FedRAMP is the federal government program that sets the standard for assessing, authorizing, and monitoring cloud systems’ security. Similarly, DISA offers a variety of compliance and security assessments to authorize cloud systems for use by DoD and federal organizations. By attaining authorization from both FedRAMP and DISA, Oracle’s government customers and the companies that serve them—including those working to achieve Cybersecurity Maturity Model Certification (CMMC) compliance—can be assured that Oracle’s cloud offerings have been thoroughly reviewed and approved by leading technology officials.

Additional Resources