FedRAMP, more formally known as the Federal Risk and Authorization Management Program, provides a standard approach to federal security assessments, authorizations, and monitoring of cloud services. With FedRAMP, once a cloud provider is approved to provide a set of services or applications to one branch of government, other departments can use that service without getting a new security authorization.
With FedRAMP authorization in place, a federal agency can more quickly move an application or database workload that’s running in a government-run data center into Oracle Cloud Infrastructure. Agencies can also build and launch new cloud-native applications directly on Oracle’s cloud.
Security Designed Deep into Gen 2 Cloud
In Oracle’s Generation 2 Cloud architecture, customers deploy workloads in an Oracle Cloud Infrastructure region, which consists of one or more fault-tolerant physical data centers within the same geographic area, connected with redundant, low latency, high bandwidth networks. Encrypted high-speed, high-bandwidth interconnects exist between regions, enabling cross-region replication for disaster recovery. Regions can connect to external data centers like those run by government agencies or companies, through encrypted high-performance networks.
Oracle’s Gen 2 Cloud Infrastructure was architected with security as well as performance in mind. For example, the software Oracle uses to manage its cloud lives on separate servers, isolated from the servers that run the government or business workloads. With that approach, Oracle does not see customer data—and customer code cannot access Oracle’s cloud control code.
Government agencies also can access Oracle Autonomous Database, announced in March 2018, which automatically takes care of formerly labor-intensive tasks such as backing up, tuning, patching, updating, and securing databases, reducing both cost and human error.
Oracle has a long history of service to the US government going back to the 1970s. Currently, more than 500 organizations at all levels of government use Oracle products and services for public sector clouds, data analytics, security, finance, and citizen services like contact centers and knowledge management.
Oracle's Gen 2 Cloud also includes a set of security services such as locking down customer tenancy to security policy defaults to help avoid insecure configurations; automating monitoring for security misconfiguration and anomalous activity; management for encryption keys, and other credentials or passwords. The Gen 2 Cloud also includes functionality designed to help detect and guard against web-application breaches and Distributed Denial of Service (DDoS) attacks.
Machine Learning and GPUs
The cloud also lets federal agencies tap the latest technology and analytics strategies, including applying artificial intelligence and machine learning. Those techniques often rely on GPU-based computing—graphics processing units—which are used for math-heavy tasks such as high-performance scientific computing, data analytics, and machine learning.
Government agencies can use the cloud to embrace new technologies and also to move existing data center applications to benefit from reduced operating costs, improved efficiencies, and increased scalability, says Scott Twaddle, vice president of product development for Oracle Cloud Infrastructure.
“You’ve spent a lot of time developing those systems, training employees, and building processes that work—that investment spans years or even decades,” Twaddle says. “You don’t want to throw that all away. Gen 2 Cloud lets you move those foundational systems to cloud, improve them, and use that as a launching pad to build the next generation of systems in the cloud.” With Oracle’s Gen 2 Cloud Infrastructure, agencies and contractors can move some data center applications into the cloud right away, while keeping others in the data center, but linked to the cloud—and move them later, if desired.