Get Started

Understanding DoD Cloud Computing Impact Levels

DoD Impact Levels allow the DoD to categorize info systems and their info based on the potential impact caused in the event they are compromised.

2F Contributor

02.22.2024 / 10 months ago

DoD Impact Levels (IL) are used to categorize information systems and the information they store and process based on the potential impact in the case the information system or the associated information were to be compromised. The security qualities taken into account when determining DoD ILs include confidentiality, integrity, and availability.

Confidentiality — There is limited access to information.

Integrity — Information is trustworthy and accurate.

Availability — There is reliable access to information by authorized parties.

The Defense Information Systems Agency (DISA) published the Department of Defense (DoD) Cloud Computing Security Requirements Guide (CC SRG) based on the guidance of the Federal Information Systems Management Act (FISMA) and the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37. The DoD CC SRG applies a FedRAMP+ concept by accepting the security work carried out during the FedRAMP process via reciprocity, then adding specific requirements and security controls that meet the special needs of the DoD.

The DoD CC SRG defines the security characteristics for each IL:

IL2 — IL2 includes Public or Non-Critical Mission Information
IL4 — IL4 includes Controlled Unclassified Information (CUI) (e.g. For Official Use Only (FOUO), Personally Identifiable Information (PII), and Personal Health Information (PHI)), Non-Critical Mission Information, and Non-National Security Systems (NSS)
IL5 — IL5 includes higher sensitivity CUI, Mission Critical Information, and NSS. IL5 exists within a narrow category between IL4 and IL6, but it is distinguishable by the inclusion of NSS.
IL6 — IL6 includes information systems and information classified SECRET

DoD ILs are useful labels for a comprehensive security categorization system. They allow DoD information system owners and managers to quickly identify the security criticality of information systems and their associated information, and determine the minimum security measures necessary for handling that system.

‍

Industry Insights

Looking for more?

Blog

11.28.23

2F Team & Culture

Changing the relationship between global defense, national security, and commercial software with $40M Series B funding round

Read blog

Blog

08.09.24

Industry Insights

What is an Authority to Operate (ATO)?

Read blog

Watch video

See All Resources

Your success is our mission.

Get Started

Products

Develop. Deploy. Defend.

The 2F Suite simplifies and accelerates every step of the software development and delivery process, including Day 2 operations and extensibility.

Explore the 2F Suite

2F Workshop

Build compliant software from the start with our toolkit for secure development.

2F Game Warden

Streamline compliance and security processes to obtain accreditation quickly.

2F Frontier

Deploy your software for drones, devices, and vehicles by air, land, and sea.
Why 2F

Trusted. Proven. Relentless.

Leading software providers and government agencies around the world trust us to deliver secure technology.

Why 2F

About Us

We’re a public-benefit, venture-backed company delivering mission-critical software to the world’s democracies.

Partners

We collaborate with a diverse network of mission-driven partners to broaden the reach of our solutions.
Solutions
Solutions that empower and transform.

Whether delivering software to the public sector for the first time or needing a hand navigating the complex accreditation process, 2F is your one-stop shop.

Explore our solutions
For Commercial

DOD Accreditations

Government Cloud Hosting

Secure Development

International Software Expansion

For Government

Monitoring & Observability

Software Factory

Security Accreditation

SaaS Hosting

Edge Deployment
Resources
Your command center for knowledge and innovation.

Strategic insights, mission-ready resources, and frontline expertise—all in one place.

Explore the 2F resources
Resources

Blog

Customer Stories

Podcast

Videos

Technical Documentation

Topics

2F Team & Culture

Industry Insights

Products

News & Events

News

Offset Symposium

Get Started

2F Workshop

2F Game Warden

2F Frontier

About Us

Partners

For Commercial

For Government

Resources

Topics

News & Events

Understanding DoD Cloud Computing Impact Levels

Looking for more?

Changing the relationship between global defense, national security, and commercial software with $40M Series B funding round

What is an Authority to Operate (ATO)?

Additional Resources

Ep 79. Don’t Forget What it’s Like to be in a Gunfight with John Goodson

Ep 78. Bridging Borders: Collaboration in National Security with Saj Huq

Ep 77. Innovation at the Edge with Michael Brasseur

Ep 76. Firmware Security & Vulnerabilities with Paul Asadoorian

Ep 75. Building Strategic Partnerships with Mamie Cruse

Ep 74. From FinTech to Defense Tech with Arun Nair

Ep 73. High Stakes Learning: Winning Strategies for Sports and Defense

CEO Tyler Sweatt Interview with NEA’s Aaron Jacobson – Part 3

CEO Tyler Sweatt Interview with NEA’s Aaron Jacobson – Part 2

CEO Tyler Sweatt Interview with NEA’s Aaron Jacobson – Part 1

Your success is our mission.

Sign up for the 2F Newsletter

Sign up for the 2F Newsletter

2F Workshop

2F Game Warden

2F Frontier

About Us

Partners

For Commercial

For Government

Resources

Topics

News & Events