logo_apptis

Apptis taps Amazon Web Services, as available under its General Services Administration Schedule 70 contract. GSA’s Schedule 70 is open to federal as well as state and local government agencies. Apptis aims to position itself at the intersection of cloud provider and government customer. The company offers a broker service in which it takes on a chunk of the work agencies would typically need to do to vet the security of a new system. The Federal Information Security Management Act (FISMA) calls for agencies to put systems through a certification and accreditation (C&A) process before moving them into production. Agencies must document the controls — security measures — that safeguard a given system.

In the case of a cloud service, some 150-plus controls* need to be accounted for.  Apptis offers to document the security controls and give them to a third-party to validate, noted Cameron Chaboudy, director of the Advanced Technology Group at Apptis.

Apptis’ documentation job applies to the cloud infrastructure layer; agencies will handle the C&A legwork associated with the application they plan to run on the cloud. But Chaboudy says Apptis’ infrastructure work will cover 80 percent of an agency’s C&A chore. And therein lies the potential for cost savings: Apptis estimates that 15 percent of a federal agency’s IT project cost is linked to C&A. In its FY2009 report on FISMA implementation, the Office of Management and Budget pegged the average C&A cost (PDF LINK) per system at $78,000.

Apptis believes cloud vendors can also benefit from its security work. Conceivably, a multitude of government entities could descend on a vendor to certify its service offering. But when the process goes through Apptis, vendors are insulated from having to work individually with numerous agencies, noted William (Bill) Perlowitz, vice president of the  Advance Technology Group at Apptis.

“They just deal with one broker,” he said.

Other Cloud Services

Apptis also offers professional services as part of its cloud lineup. The company will help agencies define their cloud strategies and design cloud solutions. Apptis also provides cloud engineering services, in which the company helps customers migrate applications to the cloud or develop new ones. In addition, Apptis provides its FedCloud.com portal, which lets customers provision cloud computing and storage services and keep tabs on the services they use.

Federal IT policy favors cloud computing at the moment, but agencies still have misgivings when it comes to resource control and security. The Apptis cloud service offering is an attempt to bridge that gap.

MSPmentor will continue its government cloud watch in the days ahead.

Sign up for MSPmentor’s Weekly Enewsletter, Webcasts and Resource Center. And follow us via RSS,Facebook, Identi.ca; and Twitter. Plus, check out more MSP voices at www.MSPtweet.com.