What is FedRAMP?
The FedRAMP government-wide assessment process has been developed as a result of extensive collaboration and research with cloud computing experts and cybersecurity professionals from the GSA, the Federal CIO Council, DHS, NIST, NSA, DOD, and leaders from private industry. One component within the new standard for the emerging trend towards increased cloud computing is a requirement for software and information integrity.
The Benefits
One of the benefits of FedRAMP is an increase in information security since it replaces a variety of forms and the duplication of existing procedures. The FedRAMP structure is based on an accepted set of consistent baseline processes and vetted security controls that have been reviewed and agreed to by federal government agencies.
The process of FedRAMP assessment is used by agencies or cloud service providers (CSPs) at the beginning of a security authorization using the FISMA-compliant FedRAMP requirements which are based on the NIST 800-53 rev3 and initiating work with the FedRAMP PMO [1].
It is required that all moderate and low-impact cloud computing services utilized by more than one government office or agency must be in FedRAMP compliance by 2014. The qualification deadline for FedRAMP certification is June 5th, 2014. Given the upcoming deadline that's only months away, there is not a great deal of time left to complete the certification requirements. It typically takes cloud computing service providers six months to complete the entire process. Both the cloud provider and agency are required to meet up to 298 individual security controls.
Meeting FedRAMP Requirements With CimTrak
FedRAMP’s baseline security control SI-7 requires “software and information integrity”. CimTrak meets this integrity monitoring mandate with its leading-edge file integrity monitoring solution. CimTrak easily protects the integrity of software and data in the cloud. The CimTrak solution is deployed by many cloud providers including those who use the U.S. Federal Government system and are thus required to comply with FedRAMP.
Get in contact to schedule a time to discuss how to meet this pending requirement in advance of the deadline.
Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".
