Single Standard For Cloud-Computing Services

Single Standard For Cloud-Computing Services

The Federal Risk and Authorization Management Program, also known as FedRAMP, is adopting a “cloud-first” policy that will standardize the basic security requirements that cloud-computing providers, such as Google and Microsoft, will have to meet before receiving government contracts. Third-party assessment organizations will be hired to verify whether companies meet the basic security requirements.

This change is aimed to improve IT procurement and comes as the government is in the process of transferring computer services, such as e-mails, to cloud-based systems. Technology programs have been shut down in the last months because they have been running over budget and behind schedule, so fixing IT is a priority. The main goal is to build a security framework where the rules and policies are applied consistently across multiple projects.

How will this program work?

This initiative will standardize the security of cloud products and services and accelerate their adoption. The purpose is to set one government-wide cloud security program, meaning that a vendor would not have to repeat the security approval process every time it wants to bid on a cloud-computing contract.

A list with accredited third-party assessment organizations is available for vendors to help them authenticate more than 160 security controls, including spam filter capabilities and encryption standards.

What are the benefits of the program?

  • The process will reduce the redundancy of multiple agencies evaluating the same cloud product. For companies, the time to sell to the government will be shorter.
  • Increases re-use of existing security assessments across agencies.
  • Saves significant cost, time and resources.
  • Enhances transparency between government and cloud service providers (CSPs).
  • Improves the trustworthiness, reliability, consistency, and quality of the Federal security authorization process.

The program is managed by the General Services Administration, as part of the Department of Homeland Security. You can read more about FedRamp at this GSA page: http://www.gsa.gov/portal/category/102371.
If it brings the standards that everyone awaits in cloud computing, it will be a great win, both for CSPs working in the government projects and the entire industry. In time, we will see if this is a good initiative or not. What do you think?

By Rick Blaisdell / RicksCloud

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Who’s Ready For The Cloud, And Can Deliver!

Who’s Ready For The Cloud, And Can Deliver!

Cloud Ready In my article last month, I discussed how the managed service provider (MSP) industry has been continuously urged to embrace the cloud, but in the end, could they? I answered the questions by describing several impediments and challenges that I believe are preventing MSPs from generating significant revenue and successfully fulfilling their client’s…

Drones: Unlimited Possibilities Await Us – Good And Bad

Drones: Unlimited Possibilities Await Us – Good And Bad

Drones: Unlimited Possibilities I have written two recent posts here on CloudTweaks about drones. The first, ‘The Pizza Delivery Drone’, was a somewhat comical look at what possibly is to come with future drones. The second was a look at the more immediately possible concept of a modular drone.  Modular drones are capable of supporting…

Smart Umbrellas – Wearable, Portable and Stayable

Smart Umbrellas – Wearable, Portable and Stayable

They automatically open when it starts to rain. A rising tide lifts all boats. What does a deluge do? Lifts everything, docks, piers, boats and anyone standing in the way. IoT post the Consumer Electronic Show is no longer a rising tide it is a deluge. You can avoid a rising or surge tide unless…

What The FITARA Scorecard Tells Us About Government Cyber Security Preparedness

What The FITARA Scorecard Tells Us About Government Cyber Security Preparedness

Government Cyber Security Preparedness Last year’s massive data breach of Office of Personnel Management, as well as other recent cyber security incidents affecting federal agencies, underscored the urgency of bringing the federal government’s security infrastructure up to date. Although many agencies have made strides toward hardening their cyber security, outdated IT infrastructure and architecture is…

The Implication Of Consumers Not Having Their Heads In The Cloud

The Implication Of Consumers Not Having Their Heads In The Cloud

Customers CAN Better Protect Themselves The majority of cloud consumers don’t understand what cloud is let alone what the implications of transacting in the cloud or of having their data and digital assets stored in the cloud. As a result most consumers are their own worst enemy when it comes to putting themselves at risk…

How To Overcome Data Insecurity In The Cloud

How To Overcome Data Insecurity In The Cloud

Data Insecurity In The Cloud Today’s escalating attacks, vulnerabilities, breaches, and losses have cut deeply across organizations and captured the attention of, regulators, investors and most importantly customers. In many cases such incidents have completely eroded customer trust in a company, its services and its employees. The challenge of ensuring data security is far more…

Where Is The Tipping Point For The Flying Drone Market?

Where Is The Tipping Point For The Flying Drone Market?

The Flying Drone Market In the past year I have written a number of articles here on CloudTweaks about Drones. I enjoy flying drones. One thing I’ve used my drone for is proving I didn’t need to do the worst fall maintenance job ever. Cleaning the gutters of the house by flying the drone around…

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Advertising