My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Item 26 - Agreement with Allied Network Solutions, Inc. for Adobe Software and Subscription
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2025
>
01/21/2025
>
Item 26 - Agreement with Allied Network Solutions, Inc. for Adobe Software and Subscription
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
1/27/2025 5:03:20 PM
Creation date
1/21/2025 2:16:24 PM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Agency
Information Technology
Item #
26
Date
1/21/2025
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
762
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
SOLICITATION # CH16012 <br />intended for use by stakeholders (e.g. customers, regulators, business partners, suppliers, directors) <br />of the service organization that have a thorough understanding of the service organization and its <br />internal controls. VMware has completed an independent third -party examination of vCloud Air that <br />also spans a twelve (12) month review period. <br />SOC 3: Trust Services Report for Service Organizations Control 3 (SOC 3) reports are designed to <br />meet the needs of customers who want assurance on the controls at a service organization related to <br />security, availability, processing integrity, confidentiality, or privacy. vCloud Air has completed an <br />independent third -party SOC 3 examination of VMware vCloud Air. SOC 3 is composed of a <br />comprehensive set of trust principles including security, availability, processing integrity, confidentiality <br />and privacy. <br />Cloud Security Alliance: VMware vCloud Air has completed the Cloud Security Alliance (CSA) <br />Consensus Assessments Initiative Questionnaire (CAIQ). CAIQ provides industry -accepted ways to <br />document what security controls exist in IaaS, PaaS and SaaS offerings. <br />FedRAMP Provisional Authority: VMware vCloud Government Service, provided by Carpathian, now <br />has FedRAMP Provisional Authority to Operate issued by the Joint Authorization Board (JAB). <br />FedRAMP is a government -wide program that provides a standardized approach to security <br />assessment, authorization, and continuous monitoring for cloud products and services. This approach <br />uses a ""do once, use many times"" framework that can reduce government organizations' costs, time, <br />and staff required to conduct redundant agency security assessments. U.S. government agencies can <br />now leverage vCloud Government Service to meet the stringent security and privacy requirements of <br />FedRAMP. <br />FIPS 140-2: VMware vCloud Government Service is fully FIPS 140-2 compliant including hardware <br />which provides its 2-Factor Authentication capabilities. <br />FIPS Pub 199: As discussed previously, vCloud Government Services is certified to store and secure <br />Low Risk Data and Moderate Risk Data as defined by FIPS Pub 199. VMware is willing to work with <br />participating States that require High Risk Data Storage to enhance vCloud Government Services to <br />store and secure this data. <br />FIPS Pub 199: As discussed previously, vCloud Government Services is certified to store and secure <br />Low Risk Data and Moderate Risk Data as defined by FIPS Pub 199. VMware is willing to work with <br />participating States that require High Risk Data Storage to enhance vCloud Government Services to <br />store and secure this data. <br />CJIS: vCGS recently underwent a CJIS assessment by CoalFire, Inc. CJIS is not a certification, it is a <br />policy that must be followed and accredited for each deployment which requires it. The goal of <br />VMware's CoalFire assessment was to create a baseline configuration that can be reused across any <br />CJIS opportunity to accelerate the implementation and accreditation timeframes. <br />FERPA: Like CJIS, FERPA compliance is assessed and confirmed for each deployment that requires <br />it. VMware's vCloud Government Service FedRamp certification and others provide evidence that the <br />underlying infrastructure is capable of meeting rigorous information security and availability <br />requirements. VMware will work with Participating Entities to meet FERPA requirements on a task <br />order basis. <br />PCI Data Security Standards (DSS): Neither vCloud Air nor vCGS are currently PCI certified at this <br />time. VMware will work with Participating Entities to meet PCI requirements on a task order basis. <br />IRS Publication 1075: Because both IRS 1075 and FedRAMP are based on NIST 800-53, the <br />compliance boundary for IRS 1075 is the same as the FedRAMP authorization. This, vCGS complies <br />with IRS Publication 1075 on the basis that it is FedRAMP certified. <br />FISMA: vCGS is FISMA Low and Moderate compliant. <br />carahsoft 58 carahsoft <br />
The URL can be used to link to this page
Your browser does not support the video tag.