Premium Content

Access "Is FedRAMP the cloud security standard we've been waiting for?"

Published: 31 Jul 2014

The Federal Risk and Authorization Program ¬†was launched in June 2012 to support the adoption of standardized cloud services among federal agencies in response to President Barack H. Obama's "cloud first" policy -- a move intended to reduce the government's IT spending by cutting the number of data centers in use and sharing computing resources. To continue working with the federal government, cloud service providers (CSPs) had to apply for an authorization to operate (ATO) via either the FedRAMP Joint Authorization Board (JAB) or directly through a government agency by June 5, 2014. It's a feat that 12 CSPs have completed to date -- Akamai Technologies, Amazon Web Services, HP, IBM, Lockheed Martin, Microsoft and Oracle among them -- with dozens more stuck in a lengthy queue. While FedRAMP was created to save federal agencies both time and money ($40 million so far based on FISMA reporting), the accreditation program has been touted in some corners as a standards-based cloud security approach that could serve as a model for other CSP environments. In June, ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside


More Premium Content Accessible For Free

  • Strategies for a successful data protection program

    Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...

  • Devices, data and how enterprise mobile management reconciles the two

    The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...

  • Putting security on auto-pilot: What works, what doesn't

    For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...