Jump to Content
Security & Identity

More FedRAMP High authorized services are now available in Assured Workloads

May 24, 2024
https://storage.googleapis.com/gweb-cloudblog-publish/images/Security_2022.max-2500x2500.jpg
Archana Ramamoorthy

Senior Director, Product Management, Regulated and Trusted Cloud

Try Gemini 1.5 models

Google's most advanced multimodal models in Vertex AI

Try it

Google Cloud's commitment to empower federal agencies with advanced technology reached a significant milestone this week with the addition of more than 100 new FedRAMP High authorized cloud services. Customers in the U.S. government and commercial organizations supplying the U.S. government can now use popular Google Cloud products authorized for FedRAMP. These products include several Vertex AI services, Cloud Build and Cloud Run, Cloud Filestore, as well as powerful security controls on our secure-by-design, secure-by-default cloud platform such as VPC Service Controls, Cloud Armor, Cloud Load Balancing services, and reCAPTCHA.

Several government agencies are already taking advantage of Google AI services. Covered California is automating parts of the documentation and verification process when residents apply for coverage, verifying more than 50,000 health care documents monthly with an 84% verification rate. Minnesota is improving access to driver and vehicle services, serving 67% of Minnesota's non-English speaking population with bidirectional, real-time translation through virtual agents using Translate AI and DialogFlow.  

Google Cloud provides the most extensive data center footprint for FedRAMP High workloads of any cloud service provider, with nine U.S. regions to choose from. These additions to our FedRAMP service catalog provide organizations even more capabilities for infrastructure modernization, app modernization, and enhanced data analytics.

A software-driven approach to cloud compliance

Our software-defined community cloud approach to delivering FedRAMP authorized services offers multiple benefits, in addition to meeting strict security and compliance requirements. New hardware, new services, and improvements to existing services can be made available faster than in traditional government clouds. This model helps us improve overall efficiency because of the scale of infrastructure available to the community with improved availability, performance, and reduced cost. 

Nowhere do the advantages of this approach stand out more than in Google Cloud’s ability to bring advanced AI infrastructure and services to U.S. government customers and suppliers who are now able to use the high performance, cost-effective AI infrastructure that’s present in all of our U.S. regions with FedRAMP authorized services.

Taking advantage of expanded services

Many customers with regulatory compliance needs, such as NASA and Palo Alto Networks, can benefit from this expanded set of services.  

Being able to leverage all these same actual products and services with Google Cloud incorporating compliance requirements in a software-defined way allows a holistic policy-as-code approach which can dramatically change the way federal agencies manage risk across these portfolios,” said Collin Estes, CIO, MRI technologies, working at NASA, at Google Cloud Next in April. “Moving from large scale manual risk and management to DevSecOps-centric workflows will shift compliance and security left to unlock innovation at a rapid pace. As a lead architect at NASA, this model is accelerating several key digital transformation efforts forward.”.

“With this expanded set of JAB authorized services, Palo Alto Networks has already begun to utilize additional data analytics and AI capabilities to learn new threats and detect zero-day-threats so that we can enforce zero trust, improve security protection mechanisms and map into new areas of innovation for threat detection for our federal customers,” said Michael Clark, senior manager, product management, SASE, Regulated Industries and Public Sector, Palo Alto Networks. “With these new services, we have been able to unlock brand new capabilities to address the needs of our federal customers.”

Configuring FedRAMP environments with Assured Workloads

Google Cloud customers use Assured Workloads to configure resources and services for their FedRAMP environments. Assured Workloads is integrated into the Google Cloud Console, which makes setting up an Assured Workloads folder easy.

https://storage.googleapis.com/gweb-cloudblog-publish/images/image1_fCZNKFi.max-500x500.png

We also provide a terraform-based approach for developers to automate configuration of FedRAMP environments. 

Customers can migrate existing Google Cloud workloads into an Assured Workloads controlled environment. The Analyze Move API helps simplify migrations by highlighting incompatibilities that should be addressed before moving current projects into an Assured Workloads program like FedRAMP.  

Assured Workloads also provides visibility into the compliance state of FedRAMP workloads via Assured Workloads Monitoring. This tool can help you spot and remediate compliance violations, and provide control attestations to auditors of your compliance state.

Take the next step

To give Assured Workloads a try, you can sign up with our free trial program. You can also watch a breakout session from this year’s Google Cloud Next on how to meet public sector requirements on Google Cloud and read the Assured Workloads documentation for more information.

Posted in