DoD IL2

The U.S. Department of Defense (DoD) has unique information protection requirements that extend beyond the common set of requirements established by the Federal Risk and Authorization Management Program (FedRAMP) program. Using FedRAMP requirements as a foundation, the U.S. DoD specifically has defined additional cloud computing security and compliance requirements in their DoD Cloud Computing Security Requirements Guide (SRG). Cloud Service Providers (CSPs) supporting U.S. DoD customers are required to comply with these requirements.

DoD IL2 is a designation that includes all data cleared for public release, as well as some DoD sensitive information not designated as controlled unclassified information (CUI) or critical mission data, along with low sensitivity personally identifiable information (PII). All cloud service offerings (CSOs) granted a FedRAMP Moderate or High authorization are automatically granted DoD IL2 reciprocity.