Oracle Cloud Infrastructure achieves FedRAMP authorization

Now that its cloud infrastructure is compliant with the Federal Risk and Authorization Management Program, Oracle can go after more public sector business.

The Industry Cloud: Why It's Next The industry cloud has taken off and big businesses have been built by the likes of Veeva, Rootstock and others. ZDNet's Karen Roby and James Sanders look at how the industry has thrived even as giants like Salesforce, Oracle and SAP eye their turf.

Oracle Cloud Infrastructure is now compliant with the Federal Risk and Authorization Management Program (FedRAMP), the company announced Monday. While Oracle already has a major presence in the public sector, the new authorization should open up new, lucrative opportunities for business with the federal government. 

FedRAMP-authorized vendors have undergone extensive technical and security reviews, completed audits conducted by accredited third-party assessors (3PAOs) and have granted authorizations to operate (ATOs).

Also: The top cloud providers for government

The Oracle cloud's lack of FedRAMP authorization stymied Oracle's bid for the Pentagon's JEDI cloud computing contract. The Joint Enterprise Defense Infrastructure (JEDI) contract could be worth more than $10 billion over 10 years. It's expected to include both IaaS and PaaS services in classified and unclassified environments.

Oracle, however, was dropped from the bidding process in part because it couldn't meet the FedRAMP requirements. Oracle is still fighting for a piece of the massive contract, with plans to appeal a recent court ruling that seemingly left Amazon Web Services and Microsoft Azure as the two remaining contenders for the contract. 

Brad Gladstone, managing director for Accenture's Federal Services Oracle practice, said in a statement that Oracle's FedRAMP authorization "provides a strong alternative for our federal government clients to leverage, especially those seeking to move large and complex Oracle-based solutions to the cloud."

Along with FedRAMP, Oracle Cloud Infrastructure is also now compliant with standards and compliance mandates related to: the Health Insurance Portability and Accountability Act (HIPAA), Service Organization Control (SOC1 & SOC2) and US Department of Defense Security Requirements Guide Impact Level 2 (IL2). 

The company notes that it already has a long history with government customers, including the CIA, which was e first customer to use Oracle's flagship database software 35 years ago. More than 500 government organizations currently use Oracle technology, including eight of the top 10 federal agencies by budget and all four branches of the US military.