Government and Legal Institutions
Customer Challenges
As data in organizations continue to grow and professionals are dispersed, their IT infrastructure needs to expand. Elasticity and scalability become the key to addressing these problems. Maintaining corporate’s legal data integrity and optimizing storage growth is challenging for many reasons:
- Managing IT infrastructure. Government and legal firms have their offices distributed over the region of an entire country. From legal cases and works, attorneys and employees store file records. Regional offices manage their IT infrastructures independently, including storage and data protection. This lead to a struggle in managing piles of data storages while at the same time catering for the needed storage capacity of the users.
- Backup and recovery. The state of each office’s independency in data protection creates an extra overhead at each site. Regional legal offices do often perform backup to disk procedures to protect their data, adding more to their management overhead.
- Complying with security requirements is a cornerstone to Government and legal firms, making their move to a cloud solution more difficult. Given the sensitivity of the data, legal practices require encrypted cloud services that comply with the necessary security requirements.
- Quick file access & Bandwidth optimization: On average, government and legal firms manage 3 to 17 terabytes of storage per regional office. Transferring huge file sizes cross-site means hours of delay when it comes to retrieving data.
- Storage optimization. A study on the Executive Office of the U.S. Attorneys (EOUSA) shows that about 80% – 90% of the office’s data has not been accessed for the duration of six months and that 15% – 18% of the data was a duplicate. This data can be optimized to achieve improved storage efficiencies and minimize capacity requirements.
- Business continuity. Maintaining vital data and files from corruption and overwrite issues while providing timely backup and Disaster Recovery (DR) solutions is a challenging task. Legal practices require a dependable technique to securely transmit and protect classified data and documents.
StoneFly’s Solution
StoneFly’s Cloud Storage Solutions integrated with Microsoft Azure and Cloud Business Center™ (CBC) services help you get rid of expensive file servers, local NAS, tape infrastructure, tape backups and their associated backup software. Massive floor footprints are saved while at the same time taping access to unlimited Storage capacities on the Cloud, and you pay only for the storage capacity you use.
The Cloud Business Center™ (CBC) solution delivers real-time, actionable data services that are shared across-sites. Enterprise’s ultimate Cloud Services Solution, enabling organizations large and small to implement offsite backup inexpensively with unlimited Cloud Storage, remote iSCSI, remote replication, remote backup, and co-location solutions. Through StoneFly’s console your archived data is retrieved instantly anytime needed, with file transfer times reduced from hours to minutes.
By providing volume encryption services through private cloud storages in your datacenter premises (servers), Cloud Business Center™ makes sure your vital government or legal firm data is secured, transforming a cloud datacenter into a secured private firm datacenter. All your data is encrypted with military-grade AES-256 security before it’s moved to the cloud. What is more, you will be able to securely cache data locally and in private cloud storages.
By storing your data on distributed offsite clouds, StoneFly’s DR 365™ Disaster Recovery (DR) appliance ensures that your corporate is secured from files or data loss due to human error, machine error or up gradation faults. Offsite cloud backup is implemented inexpensively and can be accessed anytime anywhere with unprecedented backup speeds. Your Datacenter data is replicated multiple times in distributed remote locations to insure timely backup if and when disaster strikes ensuring that your vital legal archives are there whenever needed.
Concisely, StoneFly’s Government and legal institution Cloud services provide a high security, real-time access and file sharing solutions. Data volumes are encrypted, eliminating file versioning and providing file integrity. Storage scaling is unlimited and you pay only for the capacity you use. Fear of data loss and maintaining Institution’s continuity is no longer a concern with StoneFly’s DR 365™ Disaster Recovery (DR) appliance.
Using FedRAMP as an Option:
Building a secure system or a tiered system for a FedRAMP environment does require some thought into the process. Building of the architecture like the network, the server, the application software, the storage, all of these items are factors when you build out a system designed that will go through the FedRAMP process.
It’s important to understand that FedRAMP is an ATO (Authorization to Operate) used within federal governments, providing a standardized approach for assessing and monitoring the security of cloud products and services.
It is also used for building a secure and repeatable system that can scale properly and stay within those security boundaries. This is certainly something that applies to any industry within the market today.
Horizontal Scalability: Non-Impactful Change
Building that secure system design or that foundation is very important, and one of the key critical items is the implementation of a non-impactful architecture. This means essentially that you can add capacity to your infrastructure without changing the configuration of the component that’s being expanded. You don’t have to go back through the authorization process or redefine your security controls.
The same operating system will reside on old storage nodes as well as the newly added nodes, so all that you have to do is add capacity. That is what we call a non-impactful change it does not change the core security value or health or strength of that ATO environment or that baseline.
Build of Materials: Designing a secure and repeatable environment
The FedRAMP environment has to include everything that will impact that environment, i.e. the hardware and the software. All of the hardware, your servers, your storage, your key management servers, your firewalls, IDS and IPS all of the hardware has to be included inside of your build of materials, and you have to be able to associate all of those hardware components with one another in an architecture. All of the production architecture, backup architecture, test and dev architecture have to be extremely clear in the system design on both the hardware and of course the software that rides on top of that hardware to execute and to deliver all of the requirements that are defined within the NIST families or controls. Things like configuration management, system management, backup and access control, inventory, all of that needs to be included from hardware and software perspective.
The Process
You have to include a process that you’re going to use to do all of this work so remediation, systems management, how does your staffing model look from who owns the system (hardware &software) and how you are going to deal with a geographically dispersed environment. That’s how does data center ‘A’ and data center ‘B’ look like in the FedRAMP environment.
You’re also going to need a 3PAO (Third Party Assessment Organization) to inspect your environment; create a penetration and a report that can be given to the Joint Authorization Board (JAB) and General Services Administration (GSA). The 3PAO is what helps you create, validate, and make sure all those controls are in good shape. Please consult your stonefly for your government requirements,
Stonefly has deployed its Citified FedRAMP solution in all the Microsoft datacenters.
The Delivery
The last thing that you should consider in your system design is how you’re going to deliver this service, what accounting program are you going to use, how are you going to onboard new virtual machines and new requirements from users, how you’re going to allow them to do self-provisioning or restrict some forms of self-provisioning. All of these things become critical design criteria’s that are included in the system design that you need to consider before taking the step down the FedRAMP road.