Latest Posts

Clean Your Room Tips: How to Organize Your Room

There are plenty of ways to organize your room and make it feel more like home. You can start by removing the clutter. This...

How Old Is Spotemgottem?

How Old Is Spotemgottem? Spotemgottem started in 2016, but he’s already been featured on sites like TechCrunch, Venture Beat, etc. He’s a smart, young...

How to Make Money Selling Open Source Software

The idea behind making money selling open source software is that the more people use it, the better and more popular it becomes. You...

Cloud Security: How to Protect Your Data and Privacy

Cloud Security: There is no doubt that cloud computing has revolutionized how businesses and individuals operate. Today, nearly everyone has access to an online...

What Is FedRAMP and How Will It Affect Cloud Security?




Expected to be operational by June of 2012, the Federal Risk and Authorization Program (FedRAMP) is the current administration’s attempt to set cloud computing security standards for cloud service providers (CSPs). The primary goal of FedRAMP is to streamline the authorization process for government agencies to work with public and private cloud hosting companies. This is coming on the heels of certain provisions in the 2012 National Defense Authorization Act that require the Department of Defense to migrate data to private-sector cloud solutions. This is mainly due to assessments confirming that the private sector can provide equal or greater security at a fraction of the cost.

What Is FedRAMP and How Will It Affect Cloud Security? 1

This is exciting news within the cloud hosting community, although there are concerns. How will FedRAMP accomplish what it proposes? As of January 6th, FedRAMP’s Joint Authorization Board has approved the control baselines for federal agencies. What this means for CSPs is that once approved, the process need not be applied again. The control baselines are universal; therefore, working with multiple government agencies should, in theory, be easier. If a particular agency has additional security needs, CSPs will not be required to jump through the same hoops, as that groundwork has already been laid. Of course, this is the best-case scenario, as with all bureaucracy, the potential for becoming bogged down in red tape is always on the horizon.

This is a significant concern as every state and federal agency will use FedRAMP as a building point. If they so choose, decide to implement a host of security requirements in addition. This could effectively render FedRAMP compliance irrelevant. In fairness to these agencies, they are not all going to fit nicely into what FedRAMP will package as a cloud security standard. From a provider’s point of view, the questions are many. Most CSPs are concerned about how to make legislation and compliance work effectively for the company. Yes, it is wonderful that the federal government feels that the private-sector CSPs can provide better security for less. Before we all pat ourselves on the back, we need to look at how IT industry standardization has played out in the past.

Related Articles : 

IT solutions that change the landscape have outdistanced the government’s ability to legislate promptly for over a decade. These changes are coming faster and faster, while the ability to create new contract programs continues to move at the same pace. For example, reverse auctions and seat management accomplished nothing more than time and debt on both sides. There really is nothing to suggest that FedRAMP will be any different, other than the refreshing idea of “do once, use many times.

The concept of laying down universal cloud-based security standards is fundamentally sound. Working with government agencies will most certainly appeal to many CSPs. Corporations ready to make a move to cloud-based solutions will most likely find comfort with the knowledge that a universal security standard is in place. It, unfortunately, remains to be seen if the government can keep up with every new advance in the IT world without dragging it back down in the legislative process.

How will FedRAMP affect cloud security? Historically the government allows too many chefs in the kitchen when it comes to IT legislation. If this administration can manage to field the right people for the task, there are high hopes that FedRAMP will step in the right direction for cloud security standards. The possible downside is that FedRAMP could end up obsolete before it is ever implemented, or worse, do actual damage. If the private sector is already providing a level of security superior to the federal government, is it essential?




Latest Posts

Clean Your Room Tips: How to Organize Your Room

There are plenty of ways to organize your room and make it feel more like home. You can start by removing the clutter. This...

How Old Is Spotemgottem?

How Old Is Spotemgottem? Spotemgottem started in 2016, but he’s already been featured on sites like TechCrunch, Venture Beat, etc. He’s a smart, young...

How to Make Money Selling Open Source Software

The idea behind making money selling open source software is that the more people use it, the better and more popular it becomes. You...

Cloud Security: How to Protect Your Data and Privacy

Cloud Security: There is no doubt that cloud computing has revolutionized how businesses and individuals operate. Today, nearly everyone has access to an online...

Don't Miss

Top 5 First Person Shooter World War 2 Games

5. Return to Castle Wolfenstein (PC - 2001) The much-anticipated sequel of the father of all first-person shooter, Wolfenstein 3D, is hard to exclude from...

A Career in Testing Video Games

Playing video games for a living makes one think that this is the ideal job. People who witnessed the advent of computer gaming in...

Dangers of Game Addiction

Ever since the advent of video games, there have been debates on the pros and cons of gaming. While there is no denial that...

Top 5 Best Facebook Apps (Games) Of June 2013

Facebook is a virtual world with a lot of apps. And they're all different and (sometimes) addictive in their own sense. Top Facebook apps...

Gaming: Evolution and Devolution

People often have trouble understanding the word "tradeoff," sure enough, it's easy enough to understand as exchange. Still, in today's corporate parlance, it is...

Stay in touch

To be updated with all the latest news, offers and special announcements.