Cloud security – A closer look at FedRAMP

Grazed from FCW. Author: John Moore.

Security concerns typically provide the chief source of rain for the cloud parade, as worries about data leakage and other cyber maladies have caused federal IT managers to think twice about cloud computing. Indeed, more than 50 percent of respondents to an 1105 Government Information Group survey declared that cloud solutions lack sufficient security.

The government is looking for ways to assuage that anxiety and spark cloud adoption because federal data center consolidation efforts — not to mention the Obama administration’s cloud-first policy — rely on the technology. Therefore, the Federal Risk and Authorization Management Program (FedRAMP) brings together officials from the General Services Administration, Department of Homeland Security and Defense Department, among others, to provide a standardized approach for determining the security of cloud-based services…

FedRAMP launched in June, and as of mid-September, more than 50 commercial vendors and agencies had submitted initiation requests to FedRAMP’s program management office, said Kathy Conrad, principal deputy associate administrator at GSA’s Office of Citizen Services and Innovative Technologies. Those requests mark the first step in the FedRAMP security assessment process. FedRAMP now runs in what the government calls an initial operational capability mode. It is slated for full operational capability in the second quarter of fiscal 2013, based on feedback from the earlier stage…

Read more from the source @ http://fcw.com/articles/2012/10/15/exec-tech-cloud-security-fedramp.aspx