Home / News / Christina McGhee: FedRAMP Helps DoD Assess Cloud Tech Security Before Implementation

Christina McGhee: FedRAMP Helps DoD Assess Cloud Tech Security Before Implementation

2224d7bThe Defense Department is able to check and ensure the security of any commercial cloud technology prior to purchase and deployment by DoD organizations through the Federal Risk and Authorization Management Program, Christina McGhee writes in an FCW piece published Wednesday.

According to Mcghee, FedRAMP offers a standardized method for agencies to approve and monitor cloud computing products from third-party providers.

DoD personnel previously monitored an information system’s risk posture throughout its life cycle by applying the information assurance certification and accreditation system, she writes.

Former Pentagon chief information officer Teri Takai appointed the Defense Information Systems Agency to serve as the Pentagon’s enterprise cloud broker in June 2012 and ordered that agency to only allow FedRAMP-certified services.

McGhee says DISA now uses a cloud security assessment model that is aligned with the FedRAMP initiative and providers who do not undergo DISA’s evaluation must apply for a waiver with the DoD CIO.

DISA requires cloud technology and service providers seeking provisional authorization to document and implement additional controls for defense systems, according to McGhee.

Check Also

NBIB Continues Background Investigations Amid Government Shutdown

The National Background Investigations Bureau is still running despite the partial government shutdown's effects on the Office of Personnel Management, Nextgov reported Wednesday. The bureau continues to run on funds that customer agencies pay for investigation work. The NBIB has managed to cut a backlog of 725,000 investigations down to 600,000 between April and the end of 2018.

Leave a Reply

Your email address will not be published. Required fields are marked *