Posted by SecurityArchitecture on Tuesday, January 3, 2023
It’s not entirely clear if simply codifying FedRAMP will have a noticeable impact on the program or the way it operates, but nothing in the law suggests any effort to strengthen federal cloud security requirements.
Posted by SecurityArchitecture on Saturday, December 27, 2014
The FedRAMP PMO rolled out a new logo and announced the addition of four cloud systems to its list of authorized service providers, bringing the total of authorized solutions to 27.
Posted by SecurityArchitecture on Tuesday, May 28, 2013
Last week, Amazon announced that it had received separate agency authorizations to operate (ATO) from the U.S. Department of Health and Human Services (HHS) for two of its Amazon Web Services cloud computing offerings, and that…
Posted by SecurityArchitecture on Saturday, January 5, 2013
Just over a year after OMB formally announced the the Federal Risk and Authorization Management Program (FedRAMP), which relies on third-party assessments of cloud service providers seeking to offer their services to government agencies, the FedRAMP…
Posted by SecurityArchitecture on Wednesday, December 21, 2011
In the latest follow-up to “cloud first” policy advocated by federal CIO Vivek Kundra and the Federal Cloud Computing Strategy issued last February, OMB released new federal policy guidance directing agencies to use the requirements, security…
Posted by SecurityArchitecture on Saturday, August 28, 2010
From a legal standpoint, it appears that while many opinions exist on how privacy can be protected in the cloud, who should ultimately be responsible for that protection, and how law enforcement agencies and other government entities should treat cloud environments, there are more unresolved issues than there are settled ones.
Posted by SecurityArchitecture on Monday, July 26, 2010
Google announced today that its public-sector focused cloud computing service, Google Apps for Government, successfully completed a security certification and accreditation (C&A) process and received an authorization to operate (ATO) from the General Services Administration. This…