SCuBA Technical Reference Architecture (TRA) Cloud Security Consulting Services
Funded through the American Rescue Plan Act of 2021, the Secure Cloud Business Applications (SCuBA) project was established to develop consistent, effective, modern, and manageable security configurations for helping secure federal agency information assets stored within cloud environments. Through ongoing dialogue and collaboration with industry and government stakeholders, the Cybersecurity and Infrastructure Security Agency (CISA) has put forth two initial guidance documents as a part of the SCuBA project, which collectively will help federal agencies in adopting much-needed security and privacy practices when utilizing cloud services. With Arlington, we offer industry leading cloud security solutions for AWS, Microsoft Azure, Google Cloud, Salesforce, and more.
SCuBA Technical Reference Architecture (TRA)
Per CISA, “The purpose of the SCuBA Technical Reference Architecture (TRA) is to provide context, standard views, and terminology that incorporate and align all SCuBA efforts. The SCuBA TRA is product and vendor agnostic and is consistent with other federal, DHS, and CISA reference architectures (RAs). The SCuBA TRA is based upon the Cloud Security TRA published by CISA, the United States Digital Service, and the Federal Risk and Authorization Management Program (FedRAMP).”
The Extensible Visibility Reference Framework (eVRF) Guidebook
Per CISA, “The purpose of the extensible Visibility Reference Framework (eVRF) is to provide a framework for organizations to identify visibility data that can be used to mitigate threats, understand the extent to which specific products and services provide that visibility data, and identify potential visibility gaps.”
How Arlington Can Assist with SCuBA
Technical Assistance with SCuBA Security Requirements: SCuBA provides a comprehensive list of requirements relating to securing cloud business applications. Such requirements are essential for helping ensure the Confidentiality, Integrity, and Availability (CIA) of an organization’s cloud infrastructure. With years of working with cloud environments, Arlington has the expertise in helping ensure full compliance with the relevant SCuBA security sections.
Policies and Procedures: Developing well-written, comprehensive security documentation is critical for ensuring compliance with the stated SCuBA framework. With Arlington, we offer a wide-range of customized policy, program, and plan development writing services for helping ensure you have the best documentation possible.
