http://www.nextgov.com/defense/whats-brewin/2014/11/disa-compliance-cloud-security-standards/98120/
By Bob Brewin
Nextgov.com
November 4, 2014
The Defense Information Systems Agency currently offers its military
customers certified cloud computing services from three vendors and has
another seven under assessment for compliance with governmentwide security
standards, top agency officials told Nextgov.
FedRAMP reviews aim to speed the adoption of cloud deployments across
government by allowing cloud services to be vetted once – at a particular
security level – and then deployed by a multitude of agencies. Agencies
must comply with FedRAMP as a matter of federal policy.
But as noted in a recent review from the Council of Inspectors General on
Integrity and Efficiency, neither the FedRAMP program office nor the Joint
Authorization Board -- made up of the chief information officers of
General Services Administration and the departments of Defense and
Homeland Security -- can force agencies to comply with FedRAMP.
The report identified 348 federal commercial cloud contracts with a value
of $12 billion as of fiscal 2014. But it did not identify specific
agencies that failed to meet certification requirements.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
