Identity & Security

Supporting federal agency compliance during the pandemic (and beyond)

If digital transformation was only a trend a few years ago, it’s now quickly becoming a reality for many federal government agencies. The COVID-19 pandemic has pushed all kinds of agencies to reconsider the timelines and impact of their digital initiatives, whether this means moving core technology infrastructure to the cloud, rolling out more modern productivity tools for government employees, or using artificial intelligence to better deliver citizen services.

At Google Cloud, we continue to help federal agencies of all sizes tackle their trickiest problems as they rapidly transform and digitize. At the same time—building on our FedRAMP High authorization announcement from last year—we’re committed to pursuing the latest government certifications, such as the Department of Defense’s (DoD) upcoming Cybersecurity Maturity Model Certification (CMMC), to ensure federal agencies and the vendors that work with them are fully compliant.

Applying intelligent automation to assist the U.S. Patent and Trademark Office

Recently, Accenture Federal Services (AFS) was awarded a position on the U.S. Patent and Trademark Office (USPTO) Intelligent Automation and Innovation Support Services (IAISS) blanket purchase agreement (BPA), a multi-contract vehicle. The five-year BPA includes piloting, testing, and implementing advanced technologies, including intelligent automation, artificial intelligence (AI), microservices, machine learning, natural language processing, robotic process automation, and blockchain. The goal of IAISS is to transform business processes and enhance mission delivery, and it’s expected to be a model for the federal government nationwide. 

AFS and Google Cloud previously worked with the USPTO to help the agency’s more than 9,000 patent examiners rapidly perform more thorough searches by augmenting their on-premise search tools with Google’s AI. The new solution—created by merging Google's machine learning models with Accenture's design, prototyping, and data science capabilities—helps extend examiners' expertise during the patent search process.

Supporting secure cloud management at the Defense Innovation Unit

We also recently announced that Google Cloud was chosen by the Defense Innovation Unit (DIU)—an organization within the Department of Defense (DoD) focused on scaling commercial technology across the DoD—to build a secure cloud management solution to detect, protect against, and respond to cyber threats worldwide.

The multi-cloud solution will be built on Anthos, Google Cloud’s app modernization platform, allowing DIU to prototype web services and applications across Google Cloud, Amazon Web Services, and Microsoft Azure—while being centrally managed from the Google Cloud Console. The solution will provide real-time network monitoring, access control, and full audit trails, enabling DIU to maintain its strict cloud security posture without compromising speed and reliability. As a pioneer in zero-trust security and deploying innovative approaches to protect and secure networks, we’re looking forward to partnering with DIU on this critical initiative.

Supporting Cybersecurity Maturity Model Certification (CMMC) readiness

Finally, while COVID-19 has driven a lot of how federal agencies are working day-to-day, the need for strong cybersecurity protections is as important as ever. At Google Cloud, meeting the highest standards for cybersecurity in the ever-evolving threat and regulatory landscape is one of our primary goals. In January of this year, the DoD published the Cybersecurity Maturity Model Certification (CMMC), a new standard designed to ensure cyber hygiene throughout the DoD supply chain. 

While the CMMC standard is not yet operational, the CMMC Advisory Board has advised cloud providers to conduct gap analysis against NIST SP 800-53, NIST SP 800-171, and preliminary versions of CMMC requirements. We’ve contracted with a third-party assessor to perform preliminary analyses of Google Cloud against the underlying CMMC controls, and we’re confident we’ll be able to meet the currently proposed controls—and to provide our customers with the right guidance to empower them in their CMMC journeys. 

For questions about Google’s existing compliance offerings, FedRAMP, or the CMMC, please contact Google Cloud sales. You can also visit our Compliance Resource Center and Government and Public Sector Compliance page to learn more about how we support your specific compliance needs. And to read more about our work with the public sector, including how we’re helping support agencies through the pandemic, visit our website.