OpenText Attains FedRAMP ATO Requirements Rapidly

Cloud Compliance, Tight Timelines, and Upfront Challenges

OpenText (formerly Micro Focus) is a multinational software and information technology company providing software and consulting services to the federal government and fortune 500 companies around the world. Faced with a tight timeline, OpenText wanted to obtain a Federal Risk and Authorization Management Program (FedRAMP) Authority to Operate (ATO) to expand their cloud service offerings to the federal government. OpenText’s Service Management Automation X (SMAX) and Project and Portfolio Management (PPM) SaaS products were already optimized and built to be scalable on the Amazon Web Service IaaS, but their development and operational teams are located overseas. OpenText wanted to act quickly to gain access to current federal opportunities, so they needed to find a partner who has U.S. persons on U.S. soil. To meet the rigorous FedRAMP requirements, they would need to build and infuse the FedRAMP security controls into their SaaS, find a vendor to provide FedRAMP compliant operation services, and partner with FedRAMP experts as they work to tackle the nuances cloud service providers face throughout the FedRAMP process.

The Key Challenges They Faced

• Finding U.S. Persons on U.S. Soil to offset their overseas production and operations teams
• Finding a dedicated partner to help with understanding and tackling the nuances of the FedRAMP ATO process
• Meeting tight timelines
• Needing a fully dedicated FedRAMP and AWS partner for building and operational support
• Spending money on a long and drawn-out process
• Maintaining compliance after the ATO is achieved

"I knew attaining FedRAMP compliance wasn’t going to be easy, and neither will maintaining compliance long term. But by working with our partners at InfusionPoints, my team and I have been able to focus more on our applications and business goals and less on compliance requirements. InfusionPoints has been vital to our FedRAMP success.” Chad Hulse – Director of SaaS Strategy at OpenText

A Synthesized Approach with InfusionPoints

OpenText chose InfusionPoints to assist with their ATO journey because InfusionPoints offered the one-stop-shop partnership they were looking for, not just a solution for them to figure out on their own. InfusionPoints’ suite of services, proven track record, and strong expertise with FedRAMP requirements and AWS infrastructure gave OpenText great confidence. InfusionPoints was able to quickly meet with OpenText to collaborate and determine the specific needs to obtain an ATO and launch this product into the marketplace for other agencies to utilize.

Expert Guidance and an ATO Fast Track with XccelerATOr

Utilizing InfusionPoints’ XccelerATOr compliance automation (based on native AWS cloud services) and our FedRAMP subject matter experts, OpenText was ready to integrate its SaaS products rapidly in alignment with their business goals. InfusionPoints walked OpenText through the process and developed several key processes to enable OpenText to meet FedRAMP requirements. This managed environment paved the way for OpenText to obtain its ATO and shorten its timeline. InfusionPoints’ XccelerATOr automated the configuration of many of the required AWS services to remove many of the ATO-related challenges, enabling OpenText to focus on its core mission while InfusionPoints handled the rest. In addition, InfusionPoints provided a full set of FedRAMP documentation and provides the following VNSOC360°services 24/7/365 on AWS resources:

• FedRAMP Continuous Monitoring
• Managed Detection and Response (MDR)
• Extended detection and response (XDR)
• Cyber Threat Hunting
• Vulnerability Management for operating systems and containers
• Static and dynamic code analysis

InfusionPoints’ XccelerATOr Allowed Micro Focus To:

• Provide U.S. Persons on U.S. Soil for operations and management of the FedRAMP environment
• Get their application FedRAMP ready to meet their timeline
• Expand their potential customer base to include Civilian Agencies and DoD clients
• Have an efficient FedRAMP Compliant Pathway through consulting and engineering support
• Focus on their core mission while InfusionPoints took care of compliance
• Become FedRAMP Ready when they needed it

"Working alongside the Micro Focus team has proven the value of FedRAMP XccelerATOr as a product on one hand and a partnership on the other. The security configurations included as a part of the package makes Micro Focus’ timeline goal realistic, something that would have otherwise been unrealistic. FedRAMP is complex, but we pride ourselves on making it much easier for our customers, which we have done for Micro Focus.” Tanner Bailey – Program Manager at InfusionPoints