Feds Developing Cloud Security Program
InformationWeek (03/31/10) Hoover, J. Nicholas
A U.S. federal interagency working group is developing a unified, governmentwide risk-management program that could greatly decrease the amount of security work agencies must do to access cloud services. The proposed new effort, called the Federal Risk and Authorization Management Program Pilot (FedRAMP), would give agencies a centralized approach to solving security problems such as certification and accreditation. FedRAMP will develop common security requirements for certain systems, provide ongoing risk assessments, and carry out governmentwide security authorizations. Agencies also will be able to see what security controls have been conducted for different products and services. The program would make certification and accreditation processes simpler because they would only need to be carried out once per cloud service, and agencies could share security management services. Initially, the program would focus on public and private cloud computing technologies, but could eventually expand to cover traditional Web hosting and other domains.
Wednesday, March 31, 2010
Blog: Feds Developing Cloud Security Program
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment