Contractors Dealt Blanket Cloud Security Specs
January 9, 2012
The White House is speeding ahead on a program to expedite security clearances for cloud products, having just notified contractors of about 170 specific protections soon to be required.
The security controls, released Friday, are intended to prepare agencies and vendors for the Federal Risk and Authorization Management Program, or FedRAMP, that is slated to go live in June.
The publication is a one-size-fits-all checklist for handling risks associated with Web services that would have "low," meaning limited, or "moderate," meaning serious, impact on government operations if disrupted. By following this list, supporters say, the government will be able to inspect a product once, assured that it will meet any agency's security needs. And providers won't have to waste time being approved by every single agency interested in their products.