As cloud service providers pursue their FedRAMP authorization process, they face a significant choice stemming from their ultimate goals in the federal space. This decision is based on how they are pursuing their working relationships with federal agencies and how well the provider is prepared for the rigorous FedRAMP assessment process. When a provider enters directly into a working relationship with a federal agency, they will almost certainly work through the FedRAMP “Agency” process.

Read More

StateRAMP is now nearly two years old, and the small project is quickly becoming a mainstay in the security industry. State and local governments are looking for a solid cybersecurity framework that they can use to vet and certify cloud providers that they may work with. 

In this article, we’ll talk about the basics of StateRAMP, specifically the Security Assessment Framework, and the processes and documents required therein.

Read More

The federal government leans more heavily on technology providers, including cloud computing platforms that support data storage, processing, and office application solutions. Accordingly, the question of data security is live, and the government’s response is to implement the FedRAMP authorization requirement. 

Like many other government programs, FedRAMP can threaten to bury the under prepared provider under a mountain of documents. Here, we’ll briefly cover the basics of FedRAMP documents and required reporting.

Read More