FISMA Accreditation and compliance of a Mission-Critical Business Application

FISMA Moderate Accreditation for a Mission Critical VA AWS Environment  

About the Customer: A&T Systems has provided a secure electronic invoice submission solution for the Department of Veterans Affairs since 2007. We use the Tungsten eInvoicing SaaS-based solution on AWS Cloud.

A&T received a new requirement to revalidate the Tungsten FISMA Moderate security so that VA can apply for and receive its ATO for this service.

This task was of the utmost importance because Tungsten had decided to migrate its e-Invoicing application processing from its U.S.-based datacenter to a secure AWS Cloud environment serving the VA Financial Services Center (FSC) and other U.S.-based clients. This Cloud migration was designed to lower operational costs for e-Invoicing application processing while providing VA FSC with the same level of security that its current requirements mandated.

Customer Challenge: To meet VA's continuous AWS managed and security requirements from 2007 to the present, Tungsten asked A&T to build and manage a FISMA Moderate datacenter that hosts its secure e-Invoicing SaaS solution to process VA's workload in the U.S. The SaaS solution continued serving the VA FSC and other U.S.-based clients until early 2013, when Tungsten decided to migrate SaaS e-Invoicing application processing from a terrestrial datacenter to a secure AWS Cloud environment. A&T Cloud Solution Architects designed, architected, deployed, and finally forklifted the SaaS solution to the AWS Cloud after receiving a FISMA Moderate ATO from VA-FSC.

Partner Solution: In order to forklift OB10's entire datacenter infrastructure to the AWS Cloud, A&T initiated a Phased Approach consisting of 8 steps: 1) Cloud environment assessment & design; 2) Cloud environment migration planning; 3) Cloud environment provisioning & deployment; 4) Cloud configuration adjustment/fine tuning/optimization; 5) set up and configure managed services; 6) UAT testing; 7) migration of data through the Cloud kiosk to the proper Instances; 8) Go-Live.

The SaaS/PaaS solution for e-Invoicing on AWS Cloud runs on ~35 Windows 2012 and RedHat virtual instances with multiple instance-based and RDS-based databases, using almost all aspects of AWS tools/solutions. The Check Point virtual intrusion prevention appliance protects the environment, which the A&T 24×7 NOCC monitors and manages.

A&T operates and maintains the e-Invoicing SaaS solution running in this secure FISMA Moderate certified VPC, including all security, operations, release management, monitoring, backup, and break/fix, as well as daily, weekly, and monthly meetings with subcontractors and VA. The task involves design architecture, material management/acquisition, redundancy planning, and disaster recovery. A&T staff provides all levels of managed support services 24/7/365 for Cloud, network, storage, operating systems, the customized application from OB10, and Oracle and MySQL databases running on local RedHat instances and RDS.

Services provided: 

  • AWS engineering and solution architecting 
  • OS and application management including patch management 
  • VPC local subnet and network configuration 
  • Security management including Intrusion Protection System and Intrusion Detection System (IDS) 
  • FedRAMP compliance and auditing services 
  • 24/7/365 monitoring using both CloudWatch and a customer third-party solution 
  • Tier 3 diagnostic and resolution support 
  • Database management support 
  • Backup services including databases, contents and virtual instance snapshot and image creation 
  • DR Services 

Amazon Web Services (AWS) Applications:

  • AWS Certificate Manager
  • AWS KMS
  • AWS CloudFormation
  • AWS Lambda
  • AWS Step Functions
  • AWS CloudTrail
  • Trusted Advisor
  • AWS CloudWatch
  • AWS RDS
  • AWS VPC
  • AWS Glacier
  • AWS S3
  • AWS Compute
  • AWS SES
  • AWS EBS
  • AWS Config
  • AWS SNS
  • AWS IAM
  • AWS SQS

Results and Benefits: A&T Systems has implemented a Tier-3 Application environment for e-Invoicing software on the Amazon Web Services (AWS) Cloud platform. With the AWS implementation, we offer the Department of Veterans Affairs Financial Services Center (FSC) and the Department of Veterans Affairs – Commercial and Veteran Readiness and Employment (VR&E) a Software-as-a-Service (SaaS) based solution to meet VA's e-Invoicing needs. VA has issued a FISMA Moderate Authority to Operate (ATO) for A&T's secure implementation of Team A&T software in AWS.

About the Partner: A&T Systems has been a trusted advisor to the Government for almost four (4) decades and has been an AWS Advanced Consulting Partner for over nine years. A&T is an AWS Solutions Provider and a recent graduate of the AWS Partner Transformation Program (PTP). PTP is a comprehensive assessment, training, and enablement program focused on further building and reinforcing a successful AWS Cloud business practice. Our clients find that A&T is Flexible, Responsive, Innovative, Stable, and Cost-efficient (FRISC).

A&T Systems is an AWS Advanced Consulting Partner and an Authorized Government Reseller Partner. As an AWS Authorized Government Partner, their cloud architects, DevOps and technical support staff, billing expertise, and project managers enhanced the security of the GovCloud region.