We designed the Rackspace Government Cloud Secure Configuration Baseline (RGCSCB) to support government cloud workloads, delivered to the customer as an Amazon® Machine Image (AMI).
Rackspace hardens the Red Hat Enterprise Linux® (RHEL) and Microsoft® Windows Server® operating systems to a secure configuration baseline and provides updated AMIs and compliance scan results monthly.
After spending over a decade in the Department of Defense, let’s just say that I’m intimately familiar with secure operating systems. I was a user of them the entire time, and I was actually responsible for their development and deployment for the entire agency for around three years. So when it comes to building, maintaining, and deploying an operating system baseline compliant with the Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), I can confidently say that it can be a pain in the you-know-what.
This fact makes me so excited that we can bring RGCSCB to market so that hopefully, lots of people and organizations can avoid the frustration and irritation of trying to create a STIG image that doesn’t break all the things they actually need to work while it does its job. RGCSCB deploys with a high level of STIG compliance out of the box, making it the perfect foundation on top of which to build your organization’s secure baseline.
Rackspace is a FedRAMP authorized CSP, and as a result, we are subject to strict compliance guidelines when it comes to operating system security. Rackspace is responsible for securing, creating, and providing the AMI, and a corresponding compliance report, in accordance with the Secure Configuration Baseline. Rackspace plans to provide updated AMIs and reports every month. At a minimum, the Secure Configuration Baseline implements a subset of the DISA STIG benchmarks but might include additional modifications and Rackspace-defined controls. RGCSCB provides you on-demand access to the same secure and compliant baseline we provide to our managed security and compliance customers. You can purchase RGCSCB on-demand directly from the AWS Marketplace for both Windows and RHEL.
Any controls in addition to, or instead of, STIG controls might, or might not, be acceptable for use by government agencies. The customer’s responsibility is to ensure there is no conflict of applicable laws, Executive Orders, directives, policies, regulations, or other mandated compliance requirements.
Within the U.S., Rackspace Technology remains a leader in the FedRAMP authorization-enablement space, powering 16 FedRAMP ATOs built on our managed service. We provide 24x7x365 hybrid-cloud management, operational support, and security services as a packaged, on-demand, audited, and pay-as-you-go service. Rackspace Technology also handles approximately 80% of the operational and documentation burden of your environment’s security and compliance requirements to help you receive a FedRAMP ATO.
Learn more about Rackspace FedRAMP Services
Use the Feedback tab to make any comments or ask questions. You can also click Sales Chat to chat now and start the conversation.