Feds Launch Cloud Security Standards Program

Federal agencies will soon have a government-wide security standard for assessing, authorizing and monitoring cloud products and services.

Federal agencies will soon have a government-wide security standard for assessing, authorizing and monitoring cloud products and services.

Federal CIO Steven VanRoekel Thursday unveiled the Federal Risk and Authorization Management Program (FedRAMP), which establishes a set of baseline security and privacy standards that all cloud service providers will need to meet in order to sell their products to government agencies.

The program requires that all federal agencies use only FedRAMP-certified cloud services and technologies for public clouds, private clouds, hybrid clouds and community clouds. The program also covers all cloud service models, including Software as a Service (SaaS) and Platform as a Service (PaaS).

FedRAMP will also provide federal agencies with standard procurement language to use in requests for proposals from cloud service vendors.

A Joint Authorization Board, comprising of security experts from the Department of Homeland Security (DHS), General Services Administration (GSA) and the Department of Defense will be responsible for updating the FedRAMP security requirements on an ongoing basis.

Read More

Share on: Facebook del.icio.us Digg StumbleUpon Twitter

Contributors

The Kaepernick Mess by Angus DuBois Posted: 09/01/2016 08:21:00

FOCUS on the Middle Market: Bruce McCain, KeyBank by KeyBank Posted: 12/05/2017 19:57:00

FOCUS on the Middle Market: Robert Zafft, Attorney and business ethics specialist by PCEO FOMM Posted: 03/24/2017 11:00:00

Are You Ready for Digital Transformation? by Ted Pryor Posted: 06/20/2017 19:35:00

Tweets by @PCEOMag