POWERED FOR THE MILITARY: SECURED & ACCREDITED

For over a decade, teams at the highest echelons of professional and collegiate sports have trusted CoachMePlus to collect and protect their most sensitive athlete data. The CoachMePlus commercial athlete management system (AMS) was designed with security in mind, providing highly configurable, fine-grained access controls and built on a robust, scalable, cloud-based platform architecture that enforces data encryption in transit and at rest.

Purpose-Built for the US Military

While the CoachMePlus commercial AMS is inherently secure, the US military requires a different grade of security protections. To meet the rigorous cybersecurity compliance demands of the DoD, the commercial product has been reimagined as Warrior Performance Platform (WP2). WP2 is hosted on AWS GovCloud (US) and provides defense-in-depth through a robust, compliance-focused security architecture aligned with the NIST SP 800 series (including 800-53, 800-37, 800-137, 800-171, 800-63, 800-160, and more). To streamline these compliance efforts, WP2 leverages the InfusionPoints XBU40security platform-as-a-service. Our partnership with InfusionPoints provides numerous benefits such as Access Control, Boundary Protection, Security Hardening, Continuous Monitoring, and Audit Support, as well as a robust library of compliance

DoD Approved

In concert with the DoD Cloud Computing Security Requirements Guide (CC SRG), and under sponsorship from the US Army, the WP2 team worked with the DISA Cloud Assessment Division (RE2) to pursue a DoD Provisional Authorization (PA). As part of this multi-year process, the WP2 cloud service offering (CSO) was independently assessed by a third-party assessment organization (3PAO), the results of which were delivered to DISA RE2 for validation. In March of 2024, as a result of the favorable 3PAO assessment and DISA Joint Validation Team (JVT) review, the DISA Authorizing Official (AO) awarded WP2 at DoD Provisional Authorization (PA) at DoD Impact Level 4 (IL4).

Why a DoD PA?

The DISA Cloud Assessment Division provides support to DoD components through the pre-screening, assessment, validation, and management of the initial authorization process for CSOs such as WP2. On the strength of a DISA-issued PA, any DoD Mission Owner (MO) can inherit the control set validated through the DoD PA process and more quickly award an Authority to Operate (ATO) without the need for a full, independent, ground-up assessment.

US Army Approved

The US Army Center for Initial Military Training (USACIMT) has selected WP2 for further evaluation as the platform of choice to be adopted in support of the Army's Holistic Health & Fitness (H2F) program. In line with this effort, the cybersecurity team from Program Executive Office (PEO) Soldier has worked in collaboration with USACIMT to issue an Interim Authority to Test (IATT) in support of initial rollout activities. Leveraging the controls validated through the DoD PA, the IATT enables USACIMT to proceed with a WP2-centric congressionally mandated wearable biosensor research study as well as the initial rollout in support of H2F. Based on the initial success of these activities, the WP2 team is working with PEO Soldier in pursuit of a full ATO.