blog FedRAMP hero 1

Why Rescale’s FedRAMP Authorization is a Competitive Advantage for Your Business

| |

Today’s digital ecosystem is fraught with risk especially given our increasingly connected lives and a climate of geopolitical instability and cyber crime. A recent survey revealed that “84% [of respondents] claimed to have suffered one or more successful cyber-attacks in the past 12 months, with over a third (35%) saying they’d experienced seven or more” (Trend Micro 2022). As organizations adopt new tech-based solutions to empower employees with connectivity and collaboration, IT leaders and administrators will be hard at work trying to mitigate the risk that comes with this exciting frontier. 

Building a Techy Business Doesn’t Have to be Risky Business

As a cloud-native company serving global innovators with highly secure computational capabilities across nearly every industry, Rescale is proud to be awarded the FedRAMP Authority to Operate (ATO). This is a momentous milestone for our team and the culmination of years of building to the highest security standards and collaborating with our federal customer sponsors and the General Services Agency (GSA). This puts Rescale in rarefied air among few companies authorized at this high level of security. 

FedRAMP is a prerequisite to being able to offer many technology services to the federal government especially for advanced research and development that impacts a wide variety of applications across government initiatives. Rescale’s authorization matters for both public and private sector businesses alike, especially in a landscape where new technologies are offering significant gains and cybersecurity risks still present clear and present danger.

As technology leaders shift away from legacy on-premise infrastructure to cloud services, the US Federal Government has had quite a problem on its hands. On-premises security was a known entity – often replete with vulnerabilities in multiple areas. How would the Federal Government change this paradigm and shift toward consumption of cloud services? Given the massive number of technical providers (e.g. private sector contractors) to the US federal government, how would they make the process efficient, secure and repeatable? 

In 2011, the FedRAMP program was established to address exactly these issues. According to GSA, FedRAMP is a government-wide program “that provides a framework for federal agencies to secure cloud services and products that comply with White House and National Institute of Standards and Technology (NIST) requirements. FedRAMP’s primary objective is to provide a reusable security authorization model by which Agencies can obtain safe, secure cloud service technologies to help modernize Federal IT.” 

The NIST Cybersecurity Framework remains the gold standard for cybersecurity standards, best practices, and operations. As a matter of fact, most other cybersecurity frameworks borrow heavily from NIST, yet do not reach the level of comprehensiveness that NIST does.

What it Takes to be FedRAMP Authorized

When it comes to FedRAMP, there are three levels that can be attained – FedRAMP Low, Moderate, and High. 

Once a cloud service provider (CSP) attains a level, they are officially authorized to operate (ATO) at that level for all federal government customers.  This means branches of the Federal Government can now use that CSP to do business under certain set standards – something that isn’t possible without that granted ATO.

The FedRAMP levels increase in security posture and operational maturity as you move from low to high. The process entails readiness assessments, a full security assessment, and finally a formal authorization process facilitated by the General Services Administration (GSA). Only after thorough internal and external 3rd party audits can a CSP attain any of the FedRAMP authorization levels. 

The process is so meticulous, that as of this writing, only 258 authorizations have been granted out of the many thousands of cloud services on the market. That averages out to just 21 authorizations granted per year for the entire history of the FedRAMP program. 

Safe to say that attaining FedRAMP ATO is no simple task.  Nor should it be.

The First and Only FedRAMP Platform for End-to-End Cloud-HPC

In the first quarter of 2022, Rescale attained FedRAMP Moderate Authority to Operate (ATO) for the ScaleX Government platform, opening the door to federal government organizations to be able to use high performance computing, built for the cloud. 

ScaleX Government allows federal agencies and contractors to process engineering and simulation workloads securely in the cloud – meeting all requirements set forth by the NIST Cybersecurity Framework. 

This means that Rescale ScaleX Government meets all of the requirements for Federal Information Processing Standards (FIPS) validated cryptography for all data in transit (DIT) and data at rest (DAR), as well as the multitude of operational process requirements via the Rescale Secure Development Lifecycle (RSDL).

If you’re not familiar with any of these acronyms, just know that it means that for every potential security risk, Rescale has built a safeguard against it. 

Rescale delivers these services as a secure turn-key package built to handle the security needs of the modern federal government’s information technology requirements. Furthermore, the same security hardening present in our FedRAMP offering extends to all of our production platforms around the globe so that commercial enterprises can benefit from the enhanced level of security that the Rescale ScaleX Government platform offers to our federal customers. 

FedRAMP Blog Additional Image

FedRAMP Benefits Reach Beyond Federal Agencies and Contractors

Most governments around the globe are currently in some stage of digital transformation or modernization. This stage of transformation has created a massive need for software solutions to digitize, automate, and optimize outdated processes, among which cloud-based solutions have raced to offer quick deployments and attractive cost models. However, due to fear of terms like “shared” and “public” cloud, in addition to very real security mishaps and vulnerabilities, many governments remain cautious when evaluating cloud services. As a result, security and compliance standards have emerged in many nations – standards like FedRAMP.

Today, FedRAMP is not just recognized as a leading standard in the United States, but also around the world. Because its requirements are so stringent, many private sector organizations even use it as a proxy for thorough security audits. Security and compliance auditors at organizations in virtually every country and industry who conduct security evaluations, will factor in FedRAMP as a significant step in ensuring their employee, customer, and IP data are secure.

Rescale Was Built with Security Top of Mind

Because Rescale teamed with America’s top rocket ship builders from its very conception, the Rescale platform has always put security first.  Now, that security mindset has brought us where few are able to go, including when it comes to cybersecurity.

For Rescale, customers spanning industries from aerospace to life sciences, utilizing FedRAMP authorized vendors means faster time to market for their goods and services. 

Aerospace and defense contractors can bring new aircraft to market faster because they can certify that their R&D practices were conducted in a secure environment.

Similarly, life science researchers working with federal funding can certify that patient data has been kept secure to the highest industry standards. This assurance can cut significant time off of development and commercialization time by eliminating the need for long and cumbersome procurement, deployment, and security audit processes. 

It’s no secret that countries around the world are pouring investments into computing power to enable next-generation technologies. Rescale is proud to offer businesses around the globe a solution that not only makes high performance computing more accessible and efficient, but is quite literally built to the highest security standards. 

We are confident that Rescale’s principle of offering high performance built for the cloud will translate to a competitive business advantage for all who use it.  With Rescale, you can deploy new hardware and software technologies faster and capture greater value with a cloud-native strategy. Today, scientists, researchers, and engineers can access over 800 of the latest software and thousands of high performance computing architecture configurations, available with peace of mind industry-leading security and compliance.

You can read more about our recent FedRAMP announcement here.


  • Ernest de Leon

    Ernest de Leon leads the Rescale Security and Trust Office, tasked with securing Rescale systems and customer data within the scopes of major frameworks such as SOC 2, ISO 27001 and FedRAMP. Ernest enjoys esoteric discussions about cryptography, zero trust security, and theoretical physics.

Similar Posts