When it comes to public cloud, government agencies no longer need to make tradeoffs between speed and security. We are excited to announce that Prisma Cloud, part of Palo Alto Networks Government Cloud Services, has achieved a Federal Risk and Authorization Management Program (FedRAMP) Moderate Authorization. Agencies can now gain a comprehensive view of their dynamic, distributed environments, even across multiple public cloud service providers (CSPs). Prisma Cloud enables complete resource visibility, policy monitoring, forensics, anomaly detection, threat detection with automated response and compliance reporting – all without impeding DevOps. As U.S. government agencies accelerate their Cloud First to Cloud Smart adoption, they measure any tool against the three pillars for success: security, procurement and workforce.
Here is how Prisma Cloud can support your agency’s successful transition to the cloud.
Security: Multi-Cloud Visibility and Threat Detection
Public sector and commercial organizations alike find it challenging to identify and manage cloud assets, as well as to understand their configuration, security status and compliance posture. This lack of visibility, multiplied by the differences between the numerous CSPs in the market, has led to cloud misconfigurations becoming very common. For example, the Unit 42 Cloud Threat Report, 2H 2020, found that 24% of organizations do not have multi-factor authentication (MFA) enabled on their cloud administrator accounts and 66% of organizations do not rotate their access keys every 90 days. This can have a real impact: Cloud misconfigurations can lead to data breaches. The 2020 Verizon Data Breach Investigations report found that 30% of public administration data breaches were caused by cloud misconfigurations.
Prisma Cloud, part of Palo Alto Networks Government Cloud Services, delivers continuous visibility, compliance assurance and automated threat coverage across multi-cloud environments. Agencies can monitor posture, detect and quickly respond to misconfigurations, vulnerabilities and other threats that might lead to data leaks. They can maintain consistent security while dramatically reducing alert volume, configuration errors and cloud security tools.
Agencies are able to monitor and put standardized security controls in place for all cloud assets across AWS, Azure and Google clouds from a single console.
Procurement: Speed of Adoption
FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services. FedRAMP supports Cloud Smart’s procurement strategy of consistency across agency implementations and information sharing on best practices. Your agency can leverage Prisma Cloud’s existing authorization to streamline your agency’s authorization, so you can begin securing your CSP environments in days. As a cloud-delivered service, Prisma Cloud deploys quickly and dynamically discovers existing and newly deployed resources.
Workforce: Empowering Federal IT
Demand for technology professionals with cloud computing skills is at an all-time high. Training, retaining and hiring ‘cloud smart’ staff is a priority for federal CIOs and one that has a significant impact on their ability to deliver on their missions. Most agencies utilize services from multiple CSPs, each with their own implementation intricacies, compounding these challenges further. Prisma Cloud enables agencies to make more effective use of the human resources they have by securing, monitoring and protecting multiple CSP services. Staff can consistently protect multi-cloud environments without having to master multiple security tools. Prisma Cloud has reduced alert volume and cloud configuration errors for many organizations, allowing IT and Security Operations to spend their time more productively. With support for every major compliance framework, Prisma Cloud enables IT to easily monitor compliance posture and generate audit-ready reports with a single click.
With Prisma Cloud, agencies no longer have to choose between investing in security, speed and skillsets. Prisma Cloud takes a frictionless, cloud native approach to security which means your agency can now move at the same speed as the cloud. Agencies can achieve their missions while improving their cyber resilience with a preventive approach, accelerated incident response and better management of the increasing volume, variety and velocity of cyberattacks across cloud environments.
Learn more about how Palo Alto Networks and its FedRAMP Authorized cloud products, including Prisma Cloud, can help secure federal networks.
The Cloud Security Posture Management (CSPM) capabilities of Prisma Cloud are part of the FedRAMP Authorized environment. Agencies requiring Cloud Workload Protection Platform (CWPP) capabilities can use Prisma Cloud Compute Edition. This capability runs within a customer’s environment (whether it be GovCloud, public cloud or air-gapped environments) and does not require FedRAMP authorization.