Home / News / Christina McGhee: FedRAMP Helps DoD Assess Cloud Tech Security Before Implementation

Christina McGhee: FedRAMP Helps DoD Assess Cloud Tech Security Before Implementation

2224d7bThe Defense Department is able to check and ensure the security of any commercial cloud technology prior to purchase and deployment by DoD organizations through the Federal Risk and Authorization Management Program, Christina McGhee writes in an FCW piece published Wednesday.

According to Mcghee, FedRAMP offers a standardized method for agencies to approve and monitor cloud computing products from third-party providers.

DoD personnel previously monitored an information system’s risk posture throughout its life cycle by applying the information assurance certification and accreditation system, she writes.

Former Pentagon chief information officer Teri Takai appointed the Defense Information Systems Agency to serve as the Pentagon’s enterprise cloud broker in June 2012 and ordered that agency to only allow FedRAMP-certified services.

McGhee says DISA now uses a cloud security assessment model that is aligned with the FedRAMP initiative and providers who do not undergo DISA’s evaluation must apply for a waiver with the DoD CIO.

DISA requires cloud technology and service providers seeking provisional authorization to document and implement additional controls for defense systems, according to McGhee.

Check Also

VA Incorporating Customer Experience Principles Into CFR’s Core Values Section

The Department of Veterans Affairs is set to add a set of customer experience principles to the core values and characteristics section of its Code of Federal Regulations, Nextgov reported Friday. “Maintaining a sustained organizational commitment to, and institutionalized focus on, the voice of the customer is a critical component of modernizing VA to meet the needs and expectations of veterans, their families, caregivers and survivors,” according to the final rule scheduled for publication on Federal Register Monday.

Leave a Reply

Your email address will not be published. Required fields are marked *