The Real Problem

Senior Army leaders requested a solution to effectively track and consolidate Soldier health and fitness data as part of the Army’s Holistic Health and Fitness (H2F) program, aiming to enhance decision-making for Soldier readiness. A cloud-based solution was sought to track readiness across the five domains of H2F and ensure data moved with Soldiers throughout their careers, akin to the athlete management systems used in professional sports. Army conducted a multi-phase acquisition for H2FMS and ultimately selected the CoachMePlus and TIAG team’s Warrior Performance Platform (WP2) offering, which is designed to assist Soldiers in achieving comprehensive fitness goals while providing Army leaders with crucial information to enhance Soldier readiness and well-being across the entire force. CoachMePlus and TIAG were actively searching for a secure and DoD compliant platform for their software to facilitate delivery of WP2 to the U.S. Army.

Challenges

CoachMePlus and TIAG encountered various challenges, including a limited team size and lack of familiarity with the DoD cloud authorization process. Through the AWS GSCA program, InfusionPoints was introduced to TIAG and CoachMePlus as a skilled and dedicated partner to help prepare for DoD authorization. With InfusionPoints’ support, CoachMePlus and TIAG rapidly integrated WP2 into InfusionPoints’ managed PaaS in AWS GovCloud, XBU40, to expedite time to authorization. From January to September 2023, CoachMePlus and InfusionPoints engaged DISA RE2 and 3PAO A-LIGN to complete a Readiness Assessment Report (RAR) and Security Assessment Report (SAR) and achieved a DoD IL4 PA from DISA and an Army Interim Authority to Test (IATT) in March 2024.

A Synthesized Approach with InfusionPoints

Leveraging InfusionPoints’ compliance automation platform, XBU40, and our FedRAMP and DoD subject matter experts, CoachMePlus and TIAG integrated WP2 rapidly to meet strict compliance requirements. InfusionPoints walked CoachMePlus and TIAG through the process and delivered on several key milestones, including engineering and build, System Security Plan development, application integration, and Continuous Monitoring to support the WP2 team in meeting FedRAMP and DoD requirements. The fully managed XBU40 platform paved the way for CoachMePlus and TIAG to obtain the DoD PA and shorten their timeline. InfusionPoints Audit Shield ensured a smooth and successful initial 3PAO assessment. End-end automation mitigated compliance challenges allowing CoachMePlus and TIAG to focus on their core mission, to assist Soldiers in achieving comprehensive fitness goals and provide Army leaders with crucial information, while InfusionPoints handled the rest.

• Continuous Monitoring Automation
• Managed Detection and Response (MDR)
• FedRAMP and DoD SIEM Dashboards
• Cyber Threat Hunting and Advisory
• Authenticated Vulnerability Management
• Cloud Native Access Point (CNAP)
• Boundary Cloud Access Points (BCAP)
• 3PAO, U.S. Army, and DISA RE2 Coordination

Results

• Delivered assessment to identity and close gaps.
• Accelerated WP2 market path and control coverage.
• Delivered the WP2 System Security Plan (SSP).
• Supported and Managed WP2 3PAO Assessment.
• Defense-in-Depth with 24x7x365 Monitoring.
• WP2 Achieved DoD IL4 PA from DISA RE2
• WP2 Achieved U.S. Army Interim Authority to Test (IATT)
• WP2 Obtained access the DoD market via DISA RE2 Storefront.