FedRAMP

  • DoD revisiting security guidelines for commercial cloud

    The Defense Information Systems Agency, which serves as the broker between Defense Department components and commercial providers of cloud computing services, says the certification standards it set for commercial providers may be too arduous for vendors. DoD also launched five pilots to test the use of commercial cloud providers and is reassessing how it develops cloud requirements.

  • Cloud from the big company perspective

    Scott Gaydos, chief technologist, Federal Healthcare, U.S. Public Sector, HP Enterprise Services, discusses how his company can help your agency with its cloud initiatives. June 24, 2014

  • DoD to test cloud security requirements above, beyond FedRAMP

    DISA is working with the services to identify a mission-critical application in the cloud to ensure the additional requirements for Level-3 security are appropriate and achievable. Meanwhile, the FedRAMP program office is beginning to consider what the program will look like in two to three to five years.

  • Inside the Reporter’s Notebook: FedRAMP compliance results months away, OMB’s word of the year: Effectiveness

    In this edition of Inside the Reporter’s Notebook, Executive Editor Jason Miller shares news and buzz about the IT and acquisition communities.

  • Inside the Reporter’s Notebook: The funny side of strategic sourcing; NSTIC turns 3

    In this edition of Inside the Reporter’s Notebook, Executive Editor Jason Miller shares news and buzz about the IT and acquisition communities. GSA and SBA continue their ongoing quarrel over the Office Supplies 3 contract, and April marks the three-year anniversary of NSTIC’s release.

  • GSA’s Dave McClure leaves for private sector

    David McClure of the General Services Administration announced Wednesday that he will leave the agency for the private sector. McClure is just one of many senior executives to recently leave federal service for the private sector.

  • Version 2 of cloud cybersecurity standards coming soon

    DoD CIO Teri Takai clarifies the Pentagon plans to use the FedRAMP baseline. DHS and GSA are working together to ensure the continuous diagnostics and monitoring program and FedRAMP are aligned. But questions remain around how other cyber initiatives fit into the cloud security program.

  • Inside the Reporter’s Notebook: DoD taking own path with cloud security, Treasury’s Reger joins OMB

    In this week’s Inside the Reporter’s Notebook, Executive Editor Jason Miller explores how DoD is developing its cloud security standards and Treasury is filling a financial management void.

  • FedRAMP cloud deadline looming amid updates to the program

    Agencies must use only cloud services that have been approved under the Federal Risk Authorization and Management Program (FedRAMP) by June. OMB will receive more details on agency progress with the latest quarterly update through PortfolioStat. Meanwhile, FedRAMP’s security baseline will be revised this summer.

  • 12 ways to better merge cloud services with ongoing cyber initiatives

    A new white paper from SafeGov recommended ways for agencies to move to an integrated cloud and cyber approach and away from one that is fragmented and ad hoc in many respects. Karen Evans, a co-author of the report and a former Office of Management and Budget administrator for e-government and IT, said agencies need a clearer picture of how this integration could happen.