Managed Cloud Services
Esri Managed Cloud Services offers to design, deploy, and manage your organizations ArcGIS Enterprise solution in an Esri-owned cloud environment. This option of deploying ArcGIS Enterprise provides organizations assurances that their GIS apps and content are optimized and securely deployed in the cloud. Esri Managed Cloud Services offers three different options depending on your organization's security and compliance requirements.
Esri Manged Cloud Services - Standard
EMCS Standard offers a tailored ArcGIS Enterprise deployment in the cloud that includes several security measures, however, is not certified to comply with specific IT security regulations pertaining to sensitive or specifically certified processes (e.g. HIPAA, PCI, FISMA, FedRAMP). This offering is intended for organizations that are looking to benefit from the management and maintenance of their ArcGIS Enterprise system for their low-risk, non-sensitive data that does not require a regulatory framework.
Esri Managed Cloud Services—Advanced
EMCS Advanced is a single tenant offering through Esri Professional Services that is designed for non-federal customers who require a higher level of security. The Esri Managed Cloud Services Advanced security offering follows American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC) framework, which is widely recognized across many industries. SOC 2 and SOC 3 reports are generated and issued under SSAE 18 guidance and developed by the AICPA. These reports are applicable to all third-party service providers, rather than cloud focused. A SOC 2 report created by a third-party SOC assessor can be provided to customers with an active nondisclosure agreement. To request this report, send an email to your Esri account representative. A SOC 3 report is a general use report that does not require a nondisclosure agreement. The latest Esri Managed Cloud Services Advanced SOC 3 report can be found on our ArcGIS Trust Center. Note that these reports are specific to the Esri Managed Cloud Services offering and not ArcGIS Online.
Note, that while EMCS Advanced is not FedRAMP authorized, the program follows the FedRAMP Moderate (Revision 5) control implementation and continuous monitoring guidelines.
Esri Managed Cloud Services—Advanced Plus
EMCS Advanced Plus is a single tenant offering through Esri Professional Services that is designed for federal customers who require an environment that is FedRAMP Moderate authorized. EMCS Advanced Plus has achieved FedRAMP Moderate authorization at the latest Revision 5 baseline. FedRAMP is a security authorization framework developed by the federal government along with industry professionals to align requirements for cloud service providers with those of the NIST framework and containing mappings to ISO/IEC 27001. For general information about FedRAMP, visit the official FedRAMP site or view the Esri Managed Cloud Services Advanced Plus FedRAMP marketplace listing.
Details regarding the
security benefits that are available
in all offerings
described above are provided in the following table:
*HIPAA privacy controls implemented based on contract terms (BAA negotiation required)
For more information about FedRAMP, visit the official FedRAMP site or view the official listing for Esri Managed Cloud Services.