Compliance Inheritance

Project Hosts has developed a General Support System (GSS) PaaS on top of Microsoft Azure that handles 80% of the controls for any application deployed on Azure that ties into the GSS.  The Project Hosts PaaS has been DoD, FedRAMP authorized, HITRUST certified, and has more than a dozen agency ATOs, so a new agency wanting to use it can do so with confidence that its control implementations have been well vetted.  But Project Hosts takes it a step further.

When an agency, ISV or commercial organization works with Project Hosts to deploy an application on Microsoft Azure and tie it into the GSS, Project Hosts also implements and manages the application-level controls above the GSS, taking that burden off of the organization.  To show the company’s security department how the controls are implemented, Project Hosts creates an application-level System Security Plan (SSP) and provides documented evidence of control implementation.  The GSS allows companies to be up and running in 2-3 months using any application they want in the cloud with all of the evidence and documentation they require to grant it compliance or an ATO.