Premium Content

Access "Are FedRAMP security controls enough?"

Published: 29 May 2013

The U.S. government information technology strategy is out, and it’s clear that cloud-based platforms are now preferred over traditional, on-premise servers. The message is so strong that the strategy is referred to as “Cloud First.” Many businesses are struggling with how to assess and mitigate risks when using cloud service providers—the federal government is no different. It has developed a new methodology to help federal departments in their evaluations of cloud service providers in order to facilitate “a buy once, use many times” strategy. The Federal Risk and Management Accreditation Program (FedRAMP) is being jointly developed in coordination with multiple government entities and the private sector. It is based on a conglomeration of existing security standards including FISMA, NIST-800 and FIPS-199 in order to keep the cost of developing this new assessment tool under control. The goal is to build a catalog of pre-screened cloud service providers from which government agencies can select while reducing the cost of multiple assessments. There is a ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Threat intelligence and risk: Why cybersecurity hangs in the balance
    ISM_0614.png
    E-Zine

    As more security professionals take on greater roles in global risk management, Global 2000 companies are investing in cybersecurity measures above ...

  • How to respond to the latest distributed denial-of-service attacks
    DDOS_attacks.png
    E-Handbook

    All indications show that DDoS attacks are increasing in variety, number and size. No network system is immune and information security pros can't ...

  • Figuring out FIDO as the first products emerge
    ISM_0514.png
    E-Zine

    The Fast Identity Online (FIDO) standards reached the public draft stage in February, and the first deployments of FIDO-ready technologies followed ...