SaaS company solidified Azure cloud strategy to meet FedRAMP compliance

Cloud Foundation Framework helps the company meet FedRAMP requirements and secure a new government contract.

Business Challenge

Winning a government contract is a big achievement. It takes months, and sometimes years, of diligence and hard work. New business in the public sector brings many benefits, but it also creates new requirements and responsibilities for the service provider.

For one SaaS company, securing a new government contract was contingent on the company’s ability to meet FedRAMP (Federal Risk and Authorization Management Program), a strict set of federally-mandated requirements for cloud products and services. At the time, the company operated 15 data centers around the world and had no public cloud footprint. Though the company’s application was cloud-ready, it was designed to run only in a private cloud environment.

The company needed an ecosystem to run its software that complied with FedRAMP. But to establish that ecosystem within its own data centers would take a long time to achieve and require a substantial investment.

To address this challenge, the company decided to use Microsoft Azure Government, Microsoft’s cloud service designed specifically for government agencies. But to meet the contract requirements, the IT team needed to architect and build the Azure environment quickly and ensure it met all FedRAMP specifications. As a result, they reached out to Lightstream for help.

Solution

The first step was to assess the company’s existing environment—infrastructure, security requirements, application dependencies, and processes—and design Azure to meet both the application needs and FedRAMP requirements. This was done by performing a Cloud Foundation Framework engagement.

Next, Lightstream cloud experts built the new environment. The Azure platform was implemented using a design blueprint, which was created during the framework engagement and defined all the technical specifications for the new environment. The work included defining the Azure architecture, implementing all infrastructure (IaaS) components, networking services, Azure SQL, security, and app services needed to make the platform operational.

The final step was validating the environment. Lightstream specialists helped the company execute a proof of concept (POC) project. The company’s application was deployed to Azure and tested to ensure it functioned properly and met all FedRAMP specifications.

Business Outcomes

Successful Migration to Azure Government

Through the Cloud Foundation Framework engagement, the company was able to successfully migrate all its production instances to Azure and meet FedRAMP regulations. This enabled the organization to deliver on the requirements specified in the contract, expanding the company’s presence in the public sector space and increasing its revenue.

CMMC and FedRAMP-compliant Platform

The company’s Azure environment met all FedRAMP requirements and CMMC (Cybersecurity Maturity Model Certification) compliance. This established a platform the company can use to pursue more public sector business opportunities in the future, especially those that require CMMC compliance.

Positioning for Future Cloud Migration

With its cloud strategy firmly set, the company is now positioned to migrate additional workloads and data storage from its existing data centers to the cloud. This will enable them to leverage the cloud’s scalability, flexibility, and operational advantages to lower data center costs over time, address skill-gap challenges, and remove facility-based barriers to growth.

Contact Information

To learn more about how Lightstream Managed Services can help you architect, implement, and manage a hybrid cloud environment that meets your business needs, visit Lightstream Managed Services.