Pro+ Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
June 2013 / Volume 15 / No. 5

Are FedRAMP security controls enough?

The U.S. government information technology strategy is out, and it’s clear that cloud-based platforms are now preferred over traditional, on-premise servers. The message is so strong that the strategy is referred to as “Cloud First.” Many businesses are struggling with how to assess and mitigate risks when using cloud service providers—the federal government is no different. It has developed a new methodology to help federal departments in their evaluations of cloud service providers in order to facilitate “a buy once, use many times” strategy. The Federal Risk and Management Accreditation Program (FedRAMP) is being jointly developed in coordination with multiple government entities and the private sector. It is based on a conglomeration of existing security standards including FISMA, NIST-800 and FIPS-199 in order to keep the cost of developing this new assessment tool under control. The goal is to build a catalog of pre-screened cloud service providers from which government agencies can select while reducing the cost of ...

Features in this issue

Columns in this issue

SearchSecurity

SearchCloudComputing

SearchAWS

SearchCloudApplications

SearchServerVirtualization

SearchVMware

ComputerWeekly

-ADS BY GOOGLE

Close