Altium 365 GovCloud 101: Everything You Need to Know

Are you seeking a more secure digital environment? Would you like to improve the protection of your data? Altium 365 GovCloud can help you achieve these goals. It’s a version of Altium 365, engineered to meet the stringent demands of US government regulations. Let’s explore this topic and learn more about Altium 365 GovGloud, its security measures, functionalities, and what makes it different from the standard version of the tool. Here’s everything you need to know.

What Is Altium 365 GovCloud?

Altium 365 GovCloud is an enhanced version of Altium 365, tailored for US government regulations and designed for broader applications requiring superior security, such as business enterprises seeking stringent design data protection. It runs on AWS GovCloud, a secure infrastructure that meets strict regulations like International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR). 

We add extra security measures to Altium 365 GovCloud, for example, by making sure that it is managed solely by US Persons operating on US soil. This means that only individuals who qualify as US Persons and are physically located within the United States have access to and control over the Altium 365 GovCloud infrastructure. Such a step ensures that the data within the GovCloud is not only stored within the US borders but also that any access or operations related to this data are conducted exclusively by individuals in the US.

Who Can Benefit from Altium 365 GovCloud?

Contrary to what the name might suggest, Altium 365 GovCloud isn't exclusively for government entities or strictly regulated sectors. Its applications span a wide range of industries and organizations. For instance, healthcare institutions that manage and safeguard sensitive patient data find value in using GovCloud. Educational institutions also benefit from its enhanced security features.

The term GovCloud stems from its association with AWS GovCloud, which sets up high standards for infrastructure and security controls. Altium 365 GovCloud is located in the AWS GovCloud Region and builds upon this foundation, offering a secure and controlled environment.

While the platform is indeed suitable for government agencies and other official entities, its security features make it an attractive choice for any organization or industry seeking a more secure digital environment. Whether you're part of a government body, a private sector company, or an educational institution, Altium 365 GovCloud can cater to your needs.

What Is a Shared Responsibility Model?

The data protection strategy in Altium 365 GovCloud operates on a shared responsibility model. AWS oversees the physical security of the infrastructure, and Altium focuses on controlling digital access. However, the ownership and control of the data rest squarely with the customer. This means the client determines who can access workspaces, the type of data stored, and where it's sent. Altium has implemented robust controls to prevent data leaks, but the responsibility for user access, especially in restricted countries or scenarios, lies with the customer.

Customers must also maintain the security of their systems. This includes ensuring that any endpoint software provided by Altium is regularly updated with the latest versions. By keeping your systems current, you can minimize the risk of inadvertently introducing malicious elements into the GovCloud environment.

What Is the Difference Between Altium 365 and Altium 365 GovCloud?

One difference between Altium 365 and Altium 365 GovCloud resides in their environments. Although both utilize AWS, Altium 365 GovCloud operates on AWS GovCloud, a platform designed to fulfill stringent regulatory standards and compliance requirements.

Beyond the hosting differences, Altium 365 GovCloud incorporates enhanced security measures. For instance, it strictly manages user access based on US Persons and has additional controls not found in the standard Altium 365. A notable feature is the Firewall, which restricts access from IP addresses outside the United States, ensuring both inbound and outbound traffic adheres to strict controls.

Altium 365 GovCloud Migration

Migrating to Altium 365 GovCloud follows a structured process to deliver a smooth transition. Here's a step-by-step breakdown of what to expect:

• Initiation: The process kicks off with an access request. We'll provide you with a link to submit your request form. 
• Evaluation: Our Customer Success team will review your request. They'll assess your data and address any questions you might have.
• Deployment: If your data meets the criteria for migration, a Customer Success Manager will schedule a meeting with you. This meeting will outline the plan and specifics of the migration process.
• Migration: On the agreed date, all users must save their work and commit updates to the workspace. Our team will then transfer the data to the new GovCloud workspace. You'll be kept informed at every stage of this process.
• Onboarding: Users will connect to the new workspace using a new URL. They'll need to review the data to ensure everything is accurate and complete. Our team will also conduct checks on our end.
• Completion: Once you confirm that the migration is successful, the process concludes.

If you’re considering a move to Altium 365 GovCloud, it's essential to understand the two distinct processes we offer.

The migration process is tailored for existing Altium 365 users. The migration involves a region-to-region transfer, meaning we shift your data from the standard AWS region to the GovCloud AWS region. 

The rehosting process is designed for users with on-premise solutions like Concord Pro or similar systems. In rehosting, we take your data from its current location and move it into the AWS GovCloud.

Irrespective of where you’re coming from, we have a well-structured system to ensure your data is safe throughout the transfer to the GovCloud environment.

How Long Is the Migration Process?

The duration of the migration process varies based on several factors. Primarily, it depends on the volume of data being transferred. Additionally, the current hosting environment plays a role. For instance, if you're already an Altium 365 customer, the process might be quicker as it's a migration. However, if you're using an on-premises solution and need a complete rehosting, the process could take longer. Essentially, the time frame is largely determined by the specifics of your data and current setup.

What Procedures Are in Place to Secure ITAR-Restricted Data?

When customers add data to Altium 365 GovCloud, several security measures safeguard its protection. Firstly, a WAF is in place, restricting access to only US-based users. The data also benefits from both encryption in transit and encryption at rest, ensuring its safety during any movement or storage.

Additionally, access to the underlying infrastructure is limited to a select group of DevOps administrators. Importantly, all these administrators are US persons, aligning with ITAR's definition of US Persons.

Inbound and outbound traffic controls are another crucial aspect, especially given ITAR's emphasis on encryption. While we adhere to these encryption standards, it's essential to note that we don't export ITAR data. Being US-based, the data remains internal. If customers need to send out ITAR data, they typically download it and manage the export themselves.

Can I Use Altium 365 GovCloud for Controlled Unclassified Information (CUI) and Higher Classification Data?

To store CUI and higher classifications, cloud solutions must be certified by a Third Party Assessment Organization (3PAO). 3PAOs are external entities that audit and verify cloud systems based on federal security requirements. 

At this moment, we are undergoing a self-assessment based on the NIST SP 800-171 and CMMC 2.0 standards. When the final release of CMMC 2.0 is finalized, we’ll proceed to obtain a 3PAO certification. 

Currently, Altium 365 GovCloud does not support the storage of CUI and higher classification data. Nevertheless, we are actively progressing in this direction to enable such storage in the near future.

Can I Bring My Own Encryption Keys?

Currently, bringing your own encryption keys is not supported in Altium 365 GovCloud. This limitation arises from our multi-tenant environment and the way we structure our backend systems. We recognize that this is a significant need for many customers, and we're actively exploring solutions to offer this capability. This includes considering options like hybrid or self-hosted environments within GovCloud. 

Can I Use an ITAR-Compliant Version of Altium 365 Without Subscribing to GovCloud?

A key aspect of ITAR compliance is the infrastructure's location, as well as who has access to the infrastructure and location where data exists. In Altium 365, there are no personnel restrictions, while Altium 365 GovCloud allows only US Persons to manage and maintain the environment. 

Without hosting in the appropriate AWS regions, a system cannot be ITAR-compliant. You can meet these standards only with Altium 365 GovCloud because this version runs on AWS GovCloud, which supports compliance with ITAR. It provides access to only authorized persons and the environment physically located in the US and accessed by US Citizens. 

Visit Additional Resources

Altium 365 GovCloud is our answer to top-tier data security and compliance with US government regulations. Suitable for a range of sectors, from government to healthcare, it offers unparalleled data protection features. For detailed insights and answers to common questions, explore our Knowledge Base. Convinced to make a switch to a secure cloud solution? Request your access to Altium 365 GovCloud.