Posts Tagged: FedRAMP

11 Important Things to Know About FedRAMP

FedRAMP, the Federal Risk and Authorization Program, is a risk management program aimed at assessing the security of cloud computing products and services, building security consistency across federal cloud computing platforms, reducing duplicative efforts, and reducing cost inefficiencies. In establishing FedRAMP, the federal government intended to help support and increase the adoption of cloud computingRead… Read more »

Sunny Skies For Cloud Services

Users, for a while, had mixed feelings toward cloud services. Cloud could be seen as a burden to adopt in government agencies and an overall security risk. However, the Federal Risk and Authorization Management Program (FedRAMP) helps address these problems. At first, the FedRAMP system received lukewarm reviews. However, in light of a recent revampRead… Read more »

What to expect in 2014 – 4 Trends to Watch

2014 could be a big year in government management, procurement and implementation of the cloud. Why? Dan Chenok is the Executive Director for IBM’s Center for the Business of Government. He told Chris Dorobek on the DorobekINSIDER program that 2014 may the year for comprehensive IT reform? IT Reform “Whether 2014 is big year forRead… Read more »

DISA Wants 10 for Cloud Contract, Only 5 Have Passed FedRAMP

The Defense Information Research Agency wants to award 10 positions on a potential $450 million cloud computing products and services contract even as only five companies have gone through the new governmentwide cloud certification process, Federal Times reports. Nicole Blake Johnson writes companies that hold the FedRAMP authority to operate are Amazon Web Services, AutonomicRead… Read more »

Federal Cloud Computing: The Definitive Guide for Cloud Service Providers

Federal Cloud Computing: The Definitive Guide for Cloud Service Providers offers an in-depth look at topics surrounding federal cloud computing within the federal government, including the Federal Cloud Computing Strategy, Cloud Computing Standards, Security and Privacy, and Security Automation. You will learn the basics of the NIST risk management framework (RMF) with a specific focusRead… Read more »

GSA Associate Administrator Speaks to Cloud Environment and FedRAMP Implementation

Currently, there is a great deal of buzz surrounding the movement toward Cloud environments within government. From discussions of significant cost savings to hesitations surrounding security concerns, most government agencies have begun to weigh the pros and cons of migrating information and operations to the Cloud. David L. McClure, now Associate Administrator of the OfficeRead… Read more »

FedRAMP 3PAO Program – Have we Heard of this Idea Before?

In a packed auditorium in 2006, I recall sitting in the “Red Auditorium” at NIST to participate in a workshop hosted by the Computer Security Division. The goal of the workshop was to discuss the implementation of Phase II of the FISMA Implementation Project. At the time, the Phase read like this: “The second phaseRead… Read more »

Selecting a 3PAO with assessors that have the Certificate of Cloud Security Knowledge (CCSK)

The CCSK is NOT meant to be a substitute for other certifications in information security, audit and governance. The CCSK augments other credentialing programs like the CISSP, CAP, CSSLP, etc. However, the CCSK does provide a valuable selector for organizations such as federal agencies, cloud service providers (CSPs), and even cloud customers seeking to evaluateRead… Read more »

So what is the Certificate of Cloud Security Knowledge (CCSK) anyway?

In July 28, 2010, the Cloud Security Alliance (CSA), with support from many within the industry, launched “the industry’s first user certification program for secure cloud computing.” Since the initial set of early adopters, which include over 80 professionals across the world with different backgrounds and specialties, the CCSK has continued to show broad acceptanceRead… Read more »

NOAA Transitions to the Cloud

By Doug Krueger Originally posted on Federal Blue Print In response to the Office of Management and Budget’s directive that all agencies must move at least three services to the cloud by May 2012, the National Oceanic and Atmospheric Administration (NOAA) has officially completed its transition to a cloud-based Google email system. As the largestRead… Read more »