http://www.informationweek.com/news/government/security/232400086 By Elizabeth Montalbano InformationWeek January 10, 2012 The federal CIO Council has released security controls for the new agency-wide program that standardizes security requirements for cloud-computing products and services, a key move in setting standards for cloud security across the federal government. More than 150 security controls in 16 categories have now been defined for the Federal Risk Assessment Program (FedRAMP), which provides common security requirements for cloud implementation on specific types of systems. FedRAMP also provides ongoing risk assessments and continuous monitoring, and carries out government-wide security authorizations for vendors providing cloud services and infrastructure that will be posted on a public website. The release of these controls "is the critical first step that to successfully launching FedRAMP," as they are the basis for the program's standardized approach to the security authorization process for cloud products and services, according to a blog post on CIO.gov, the website for the CIO Council. [...] _____________________________________________________ Did a friend send you this article? Make it your New Year's Resolution to subscribe to InfoSec News! http://www.infosecnews.org/mailman/listinfo/isnReceived on Thu Jan 12 2012 - 01:38:57 PST
This archive was generated by hypermail 2.2.0 : Thu Jan 12 2012 - 01:50:05 PST