Oracle Government Cloud has added national security regions for US Intelligence Community and Department of Defense customers.

The data center regions "were developed to address" DISA Impact Level 6, Secret and Top Secret security levels, as well as ICD 705 and ICD 503 requirements - but it is not clear if the facilities actually meet IL6, Secret, and Top Secret levels.


In a statement, DISA Risk Management Executive, CIO and Authorizing Official, Roger Greenwell told DCD: "DISA is working with another DOD component in their efforts to enable a mission specific, Fit-for-Purpose secret cloud environment using Oracle Cloud Infrastructure (OCI). The environment is not operational at this time. DISA is not the authorizing official for this specific OCI usage. Oracle OCI does not have a DoD Provisional Authorization for processing IL6 categorized data."

Oracle did not respond to requests for comment about its actual security levels.

Protect the database

Oracle plane
– Oracle

The regions join five unclassified FedRAMP High and DoD Impact Level 5 Government cloud regions and 20 standard cloud regions.

“Oracle is proud to offer National Security Regions to the DoD and IC to help securely run their most-demanding, mission-critical classified workloads. These cloud regions offer the industry’s fastest-growing suite of IaaS, PaaS, and SaaS in a highly-secured classified cloud environment,” said Glen Dodson, SVP of Oracle’s National Security Group.

The company has a long history of working with the US government and surveillance community - in fact, its name is derived from a 1977 CIA project, and the agency was the company's first customer.

Now, it claims, its cloud services are used by eight of the top 10 federal agencies by budget, all four branches of the US military, and 36 states. When it hasn't been successful in winning contracts, it has often turned to legal means to get back in the fight - getting the DoD to slash a $950m AWS reseller contract to just $65m, repeatedly trying to block the $10bn JEDI contract, and this week successfully getting the Library of Congress to drop a requirement that asked for AWS, Azure, or Google services.

The company is also on the cusp of becoming TikTok's primary cloud provider, potentially taking a stake in the business which is expected to be spun out of Chinese parent company ByteDance. The sale is being forced by US President Donald Trump, who alleges the company is a national security risk.

This article has been updated.