HP Enterprise Helion for Public Sector
Hewlett Packard Enterprise (HPE) Helion for Public Sector is an Infrastructure-as-a-Service (IaaS) cloud service that implements the complete FedRAMP Risk Management Framework by establishing controls for security, privacy, and IT governance to fulfill the NIST requirements for U.S. government agencies. This infrastructure and platform service offering is a highly secure, enterprise-class, cloud computing environment enabling government agencies, contractors and non-government organizations governed by federal regulations (e.g.: educational institutions, HIPAA-governed entities, and critical infrastructure ) to operate in the cloud with greater agility and flexibility while adhering to rigorous security, privacy, and IT governance controls required by the federal government.
HPE Helion for Public Sector consists of multiple components that can exist in a single cloud or operate within multiple clouds:
Government agencies can benefit from HPE’s service excellence and over 50 years of public sector experience, with a solution built from the ground up with security and best practices in mind. The service is hosted exclusively in auditable data centers in the continental United States, and is staffed by U.S. persons.
- Infrastructure-as-a-Service (IaaS): allows consumers to build and manage Windows, Linux and/or UNIX services to host system middleware or applications they install and manage themselves. The service enables users to quickly provision both virtual and physical servers in a consumption- based model. The service also allows clients to co-locate customer-owned physical devices such as RISC chipset servers or hardware security modules (MSM) in the same data center as their cloud servers.
- Disaster Recovery-as-a-Service (DRaaS): enables consumers to implement a disaster recovery capability to meet federal, state and local requirements for contingency planning. This solution automatically collects and maintains complete images of the servers and network in their cloud, and can restore the entire cloud without client intervention. This managed service also includes assistance with disaster recovery planning and annual DR rehearsals.
HPE Helion for Public Sector complies with the following regulatory standards:
For more information, visit our web site for the U.S. public sector at www.hpe.com/gov/transformation or our worldwide web site at www.hpe.com.
- FIPS 140-2 encryption (Federal Information Processing Standards 140-2 encryption)
- FedRAMP tailored CIS Level 1 configuration benchmarks (Center for Internet Security Level 1)
- HIPAA/HITECH Security and Privacy (Health Insurance Portability and Accountability Act/ Health Information Technology for Economic and Clinical Health)
- ITAR (International Traffic in Arms Regulations)
- FERPA (Family Educational Rights and Privacy Act)
- PCI-DSS (Payment Card Industry Data Security Standard)
- CJIS (Criminal Justice Information System)
- FISMA (Federal Information Security Management Act)
- DIACAP/DIARMF (DoD Information Assurance Certification and Accreditation Process/Defense Information Assurance Risk Management Framework)
- DoD Cloud Security Reference Guide (SRG) Information Impact level 2 (authorized 10/27/14)
Privacy Threshold Analysis (PTA)
Privacy Impact Assessment (PIA)
System of Records Notice (SORN)
Authority to Operate (ATO)
FedRAMP (JAB) (link)
FedRAMP (CSP Package)