Authority to Operate¶
An Authority to Operate (ATO) is a designation a government official provides on behalf of a Federal agency, which authorizes companies or organizations to operate their IT systems on government networks. Government officials grant ATOs to companies who have proven that their IT systems are secure and pose limited risks (if any) to their environments.
Game Warden maintains a continuous ATO through AFWERX for Impact Levels 2, 4 and 5 (Il6 and JWICS are in the works).
During implementation, your containerized software is hosted on the Game Warden platform - undergoing a rigorous process of image scanning and hardening coupled with mandatory approval by our Security team prior to any deployments. Game Warden provides all the tooling required to secure, harden, and run your applications. This process generates a custom Deployment Passport, tailored to the application with inherited security controls from Game Warden.
Deployment Passports
The Deployment Passport document includes the System Security Plan (SSP), vulnerability scan results, any required external approvals, and proof of a government contract for your company. This signature-approved document serves as your ticket into the Department of Defense (DoD), as you inherit our ATO.
The Game Warden Security team and our government Information System Security Manager (ISSM) review this Deployment Passport and other supporting documentation. They will then approve it and issue a Certificate to Field (CtF), which allows the software to inherit the Game Warden platform ATO.
Our Security Team is available for customers who have further questions, or to discuss with their government customers. Please contact us through a Support Ticket or at security@secondfront.com.
The Game Warden team must continuously monitor IT systems to ensure they maintain compliance with ATO requirements. As such, our security tooling continously scans your application containers for new security findings, even after deployment to the production (PRD) environment. These findings will populate in Scan Lab and must be resolved in accordance with Game Warden's Acceptance Baseline Criteria.
FAQ: ATOs
Do I get my own ATO through the Game Warden platform? No, you will obtain a Certificate to Field (CtF) and inherit Game Warden's ATO.
Once I inherit Game Warden's ATO, do I retain it if I leave the platform? No. If you leave the Game Warden platform, you lose the inherited ATO.
Additional ATO Insight
For more information, read What is an ATO? – an article available on the Second Front Systems, Inc. website.
Last updated: 02/15/24