The Defense Information Systems Agency (DISA) is an agency of the US Department of Defense (DoD) and is responsible for developing and maintaining the DoD’s Cloud Computing Security Requirements Guide (CC-SRG).
The CC-SRG defines standardized security requirements for cloud services that host DoD information, systems and applications, and gives the DoD a framework for assessing the security of a cloud service offering.
Compliance with the SRG is required for any cloud service provider that will host DoD information.
IBM Cloud for Government (IC4G) is DoD DISA Impact Level-2-authorized, and supports all major US government standards and regulations.
IBM Service Descriptions (SDs) indicate if a given offering maintains DoD DISA Impact Level 2 compliance status. Services below are assessed each year.
Services
- Fortigate Security Appliance
- Gateway Appliance
- Hardware Dedicated Firewall
- IBM Cloud Backup
- IBM Cloud Bare Metal
- IBM Cloud Block Storage
- IBM Cloud Direct Link Connect
- IBM Cloud Direct Link Dedicated
- IBM Cloud Direct Link Dedicated Hosting
- IBM Cloud File Storage
- IBM Cloud Load Balancer (Dedicated options)
- IBM Cloud Object Storage (IaaS)
- IBM Cloud Virtual Servers
- Microsoft MySQL
- Microsoft SQL Server
- VMware