DoD Cloud SRG Definition
• Non-privileged user access to Mission Owner’s systems and applications instantiated on IaaS/PaaS. (i.e., mission application end-users).
• Translation: CAC authentication is required for normal DoD user access to an application. Whether this is accessing a ticketing system (e.g., JIRA), knowledge base (e.g., Confluence), content management system (e.g., Wordpress, Joomla, Drupal, etc.), custom application, etc., they all require CAC authentication. However, there are exceptions. Many applications cannot support CAC authentication because its users do not have a CAC, but still need to access the data — e.g., state and local authorities, authorized foreign nationals, etc.
In the process of migrating this data. Check back soon for updates.
Have suggestions for cloud security issues you want to know more about?
Maybe we have an answer. Let us know below.