A secure and agile pay-as-you-use cloud solution.
ECS-VPC for U.S. Public Sector can help your organization to:
- Support mission-critical workloads
- Mitigate risk of over-investing in infrastructure
- Pay for only the services you consume
- Deploy new managed services securely and quickly within a FedRAMP-compliant environment
- Improve the quality, flexibility and resiliency of services
- Benefit from HP’s service excellence and more than 50 years of Public Sector experience
A proven leader in the cloud security and regulatory compliance arena.
The ECS-VPC for U.S. Public Sector solution has been built from the ground up with security and best practices in mind. It complies with the following regulatory standards:
- FedRAMP Moderate JAB pATO
- FIPS 140-2 encryption (Federal Information Processing Standards 140-2 encryption)
- CIS Level 1configuration benchmarks (Center for Internet Security Level 1)
- HIPAA/HITECH Security and Privacy (Health Insurance Portability and Accountability Act/ Health Information Technology for Economic and Clinical Health)
- ITAR (International Traffic in Arms Regulations)
- FERPA (Family Educational Rights and Privacy Act)
- PCI-DSS (Payment Card Industry Data Security Standard)
- CJIS (Criminal Justice Information System)*
- FISMA (Federal Information Security Management Act)
- DIACAP/DIARMF (DoD Information Assurance Certification and Accreditation Process/Defense Information Assurance Risk Management Framework)*
* Uplift required
HP is one of the first cloud service providers to receive a provisional Authority to Operate (pATO) by the Joint Authorization Board (JAB) of FedRAMP. With this authorization, government agencies can be confident that HP provides the full National Institute of Standards and Technology (NIST) Risk Management Framework allowing clients to build rapidly on a proven compliant platform that is fully managed and continuously monitored by HP. Any agency can leverage HP’s pATO and grant their own ATO without conducting duplicate assessments. HP has further taken independent steps to assess the compliance of the ECS-VPC for U.S. Public Sector against HIPAA and ITAR requirements. A Third-Party Assessment Organization (3PAO) conducted reviews and tests to evaluate ECS-VPC for U.S. Public Sector’s compliance with government requirements and determined that the system complies with both ITAR and HIPAA requirements.