Premora for Government
Public-sector and defense environments demand disconnected or restricted-network operation, private inference, and isolation primitives that accreditation programs can be built on top of. Premora is designed to run fully air-gapped with no external LLM dependency, leaving the customer in control of the accreditation boundary.
:::warning This is product guidance, not legal advice Accreditation programs such as FedRAMP and DoD Impact Levels (IL) are a matter of the customer’s deployment environment — they are not a Premora SaaS certification. Premora provides the isolation and control primitives; your organization owns accreditation, ATO, and any export-control or classified-handling determination. :::
Regulations & frameworks that apply
| Framework | What it expects | How Premora supports it |
|---|---|---|
| FISMA / NIST SP 800-53 | Risk-based security controls for federal information systems (access control, audit, system integrity). | ACL projection and least privilege; audit trails; a single hardened front door; signed, versioned release artifacts. |
| FedRAMP / DoD Impact Levels | Authorization of the operating environment at a given impact level. | Premora runs inside your accredited environment, fully air-gapped if required, with no external SaaS dependency — so it inherits the boundary you authorize. (Accreditation is customer-owned.) |
| CJIS Security Policy (law enforcement data) | Strict access control, auditing, and data isolation for criminal-justice information. | On-prem single-tenant isolation, ACL-aware retrieval that fails closed, attributable access, and audit trails. |
| CMMC / NIST SP 800-171 (defense contractors / CUI) | Protection of Controlled Unclassified Information. | Air-gap or restricted-network deployment, private inference, egress control, and least-privilege access. |
| Export control (ITAR / EAR) | Restrictions on access to controlled technical data. | Customer-environment-specific; Premora provides the isolation primitives (air-gap, no external model calls, ACL enforcement). The customer owns the export-control determination. |
| AI governance | Transparency, attributability, and control over model use. | External providers can be disabled entirely; private on-prem inference; every prompt and output attributable; write-back requires stronger approval than read. |
How requirements map to Premora controls
- Disconnected / restricted networks — deploy via USB air-gap; the core browse-and-search path keeps working with no external dependency.
- Private inference — run Premora Inference so no prompt or content reaches an external LLM.
- Isolation & boundary — one single-tenant deployment inside your accredited environment; Premora inherits the authorization boundary you control.
- Access control & audit — ACL projection, least privilege, audited break-glass, and full audit trails.
Recommended configuration
- Deploy air-gapped from offline media, or pull from an approved internal registry — no GitHub/GHCR credentials are ever required. See Installation.
- Disable all external model providers and run private inference.
- Use customer-managed certificates, CAs, and keys, and isolate higher-risk paths onto dedicated node pools.
- Enforce SSO + least privilege with audited break-glass, and scope connectors to the minimum necessary systems.
- Map Premora’s control narrative to your NIST 800-53 / 800-171 control set for the authorization package.