DISA Releases Cloud Security Requirements

Grazed from FedWeek.  Author: Editorial Staff.

The Defense Information Services Agency has released new cloud computing security requirements for DoD and contractors to follow.  The DoD Cloud Computing Security Requirements Guide (SRG), Version 1 supersedes the Cloud Security Model (CSM) V2.1.

The new SRG includes details on how to transition from the CSM for cloud service providers that are currently being assessed, or that have a provisional authorization. It also applies to all CSP offerings, regardless of who owns or operates the environments, according to DISA...

It said the SRG establishes a basis on which DoD will assess the security posture of a non-DoD CSP’s service offering, defines the criteria for the use of commercial services by DoD mission owners, and provides guidance on planning and using CSPs...

Read more from the source @ http://www.fedweek.com/fedweek-information-technology/disa-releases-cloud-security-requirements/