NIST 800-53 Rev 5 and FedRAMP: What’s Happening in Federal Cloud Compliance?

NIST 800-53 featured

FedRAMP is a relatively stable framework. Built on NIST Special Publication 800-53, the requirements that Cloud Service Providers (CSPs) and Managed Service Providers (MSPs) are clear and straightforward, depending on their services. NIST SP 800-53 is subject to revision, however, and the most recent version (Revision 5) was finally published in September of 2020. This revision signals changes that could impact providers under FedRAMP authorization. 

Here, we’ll cover NIST 800-53 and how it relates to FedRAMP, as well as some of the information we currently have regarding the new revision and how FedRAMP adoption might roll out. 

 

Read More

FedRAMP or FISMA – What’s the Difference

FedRAMP and FISMA

Government compliance standards can seem like a veritable alphabet soup. Making matters worse, many of them, like FedRAMP and FISMA seem to overlap, and many organizations aren’t sure which rules are mandatory to do business. With the rise of cloud computing, there has been an increased emphasis within the government to transition to commercial cloud services. It is mandated within the government to move to cloud-based services if they are available to meet the mission need of the federal agency.

Two standards that seem to cause the most questions are FISMA and FedRAMP.

Read More

How does FedRAMP help Cloud Service Providers?

FedRAMP CSP

FedRAMP is one of the most popular topics on our website and blogs. One big question we often receive from Cloud Service Providers (CSP), is how can a FedRAMP authorization impact their business.

Cloud Service Providers and FedRAMP

FedRAMP is a program that enables cloud services providers (CSPs) to meet and demonstrate the security requirements embedded with FISMA and the NIST publications so that an agency may outsource with the confidence that its cloud service provider is meeting those requirements.

Read More