Rackspace Government Cloud Secure Configuration Baseline launches on the AWS Marketplace

Lorenzo Winfrey | April 13, 2021

• General / AWS / Security

We designed the Rackspace Government Cloud Secure Configuration Baseline (RGCSCB) to support government cloud workloads, delivered to the customer as an Amazon® Machine Image (AMI).

Rackspace hardens the Red Hat Enterprise Linux® (RHEL) and Microsoft® Windows Server® operating systems to a secure configuration baseline and provides updated AMIs and compliance scan results monthly.

We comply with strict security guidelines

After spending over a decade in the Department of Defense, let’s just say that I’m intimately familiar with secure operating systems. I was a user of them the entire time, and I was actually responsible for their development and deployment for the entire agency for around three years. So when it comes to building, maintaining, and deploying an operating system baseline compliant with the Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG), I can confidently say that it can be a pain in the you-know-what.

This fact makes me so excited that we can bring RGCSCB to market so that hopefully, lots of people and organizations can avoid the frustration and irritation of trying to create a STIG image that doesn’t break all the things they actually need to work while it does its job. RGCSCB deploys with a high level of STIG compliance out of the box, making it the perfect foundation on top of which to build your organization’s secure baseline.

Rackspace is a FedRAMP authorized CSP, and as a result, we are subject to strict compliance guidelines when it comes to operating system security. Rackspace is responsible for securing, creating, and providing the AMI, and a corresponding compliance report, in accordance with the Secure Configuration Baseline. Rackspace plans to provide updated AMIs and reports every month. At a minimum, the Secure Configuration Baseline implements a subset of the DISA STIG benchmarks but might include additional modifications and Rackspace-defined controls. RGCSCB provides you on-demand access to the same secure and compliant baseline we provide to our managed security and compliance customers. You can purchase RGCSCB on-demand directly from the AWS Marketplace for both Windows and RHEL.

Any controls in addition to, or instead of, STIG controls might, or might not, be acceptable for use by government agencies. The customer’s responsibility is to ensure there is no conflict of applicable laws, Executive Orders, directives, policies, regulations, or other mandated compliance requirements.

Conclusion

Within the U.S., Rackspace Technology remains a leader in the FedRAMP authorization-enablement space, powering 16 FedRAMP ATOs built on our managed service. We provide 24x7x365 hybrid-cloud management, operational support, and security services as a packaged, on-demand, audited, and pay-as-you-go service. Rackspace Technology also handles approximately 80% of the operational and documentation burden of your environment’s security and compliance requirements to help you receive a FedRAMP ATO.

Learn more about Rackspace FedRAMP Services

Use the Feedback tab to make any comments or ask questions. You can also click Sales Chat to chat now and start the conversation.

Lorenzo Winfrey

As Product Manager for Rackspace’s Government Solutions (RGS), Lorenzo D. Winfrey is responsible for multiple areas including product vision and strategy, roadmap development, and branding for the RGS portfolio. Lorenzo’s leadership objective is to ensure all our solutions have a customer focus and are built to the highest quality while aggressively pursuing integration of new value added technology. Before joining Rackspace in April 2019, Lorenzo was Chief of Architecture and Standards for the Defense Intelligence Agency (DIA) where he managed a portfolio of over $50 million in annual operating budget. Lorenzo’s extensive career in information technology includes leading DIA’s AWS Cloud Broker Team, managing the operations of the Microsoft System Center Configuration Manager enterprise solution, and pioneering the development and deployment of the agency’s first cloud native, web based application to track near real time cloud spend, utilization and schedule. While serving at DIA, Lorenzo was awarded the Award for Exceptional Civilian Service, the agency’s highest civilian award, which recognizes excellence, initiative and outstanding contributions over a period of several years. Lorenzo brings to Rackspace a compelling combination of technical expertise and strategic leadership experience. He firmly believes that leadership is a discipline that should be studied and practiced. Lorenzo has become known for sharing his reading lists with all who will listen. He enjoys creating content, reading and the occasional video game. Hailing from Augusta, Georgia, Lorenzo now lives in Waldorf, Maryland with his family. He holds a Bachelor’s of Science from Claflin University. Lorenzo is based in the company’s Reston, Virginia office.