CSC Platform as a Service Cloud Offering Achieves FedRAMP Certification
News Release -- November 10, 2015
First Secure, Open Source Platform as a Service for U.S. Public Sector Agencies
FALLS CHURCH, Va., November 10, 2015 — CSC (NYSE:CSC) today announced that its cloud ARCWRX Platform as a Service (PaaS) offering has received Federal Risk Authorization Management Program (FedRAMP℠) certification. The ARCWRX Platform was built on OpenShift™ by Red Hat™ and was certified in collaboration with Veris Group, LLC. This marks CSC's second FedRAMP certification for the ARCWRX PaaS offering.
ARCWRX, which resides on CSC’s FedRAMP-approved ARC-P™ platform, is the first true open source PaaS to meet strict standards for highly classified data and the necessary security control standards required for a FedRAMP Joint Authorization Board (JAB) Provisional Authority to Operate.
“ARCWRX provides public sector agencies an accredited, secure, cost-effective and agile cloud environment," said John DeSimone, vice president and general manager of CSC’s North American Public Sector. “By leveraging Red Hat’s OpenShift PaaS environment, CSC can offer a path to open source technology for our U.S.-based government customers to optimize ever-evolving cloud technologies."
The ARCWRX PaaS offering is built on OpenShift by Red Hat. CSC designed, tested and certified the application development and runtime platform to meet all necessary federal security control standards. Red Hat and CSC have worked in tandem to deliver ARCWRX on premises and from the CSC government community cloud, creating a more highly secure, cost-effective service for the federal government.
“We’re committed to developing services to help our customers achieve the highest level of security to support their missions,” said Paul Smith, general manager and vice president, Public Sector, Red Hat. “Achieving FedRAMP Moderate JAB authorization for ARCWRX demonstrates this commitment and the power of collaboration with CSC to further drive value for our public sector customers.”
As the FedRAMP Third Party Assessment Organization (3PAO), Veris Group conducted the assessment for ARCWRX against the rigorous FedRAMP Moderate security control baseline. This assessment also included comprehensive penetration tests of the platform and extensive vulnerability scans (operation systems, network devices, databases and web applications) of all inventoried assets. Veris Group also conducted the 3PAO assessment for ARC-P that resulted in first ever FedRAMP accreditation back in 2012.
“We’re excited to be involved in yet another successful FedRAMP engagement with the CSC team,” said Michael Carter, vice president of Veris Group’s Governance, Risk, and Compliance organization. “The dedication of the CSC team throughout the assessment, along with their constant emphasis on security, enabled us to complete our assessment faster than originally anticipated.”
ARCWRX represents an important evolutionary step for application teams wanting to build and run cloud native applications in autoscaling containers, thereby ensuring apps are more portable, are more secure and include inherent DevOps automation that helps reduce time to deployment.
Computer Sciences Corporation (CSC) is a global leader of next generation information technology (IT) services and solutions. The Company's mission is to enable superior returns on our clients’ technology investments through best-in-class industry solutions, domain expertise and global scale. CSC has approximately 70,000 employees and reported revenue of $11.3 billion for the 12 months ended October 2, 2015. For more information, visit the company's website at www.csc.com.