Home / News / Christina McGhee: FedRAMP Helps DoD Assess Cloud Tech Security Before Implementation

Christina McGhee: FedRAMP Helps DoD Assess Cloud Tech Security Before Implementation

2224d7bThe Defense Department is able to check and ensure the security of any commercial cloud technology prior to purchase and deployment by DoD organizations through the Federal Risk and Authorization Management Program, Christina McGhee writes in an FCW piece published Wednesday.

According to Mcghee, FedRAMP offers a standardized method for agencies to approve and monitor cloud computing products from third-party providers.

DoD personnel previously monitored an information system’s risk posture throughout its life cycle by applying the information assurance certification and accreditation system, she writes.

Former Pentagon chief information officer Teri Takai appointed the Defense Information Systems Agency to serve as the Pentagon’s enterprise cloud broker in June 2012 and ordered that agency to only allow FedRAMP-certified services.

McGhee says DISA now uses a cloud security assessment model that is aligned with the FedRAMP initiative and providers who do not undergo DISA’s evaluation must apply for a waiver with the DoD CIO.

DISA requires cloud technology and service providers seeking provisional authorization to document and implement additional controls for defense systems, according to McGhee.

Check Also

SEC to Address Financial Technology Concerns, Innovations via New Hub

The Securities and Exchange Commission has opened a hub where it can coordinate with public and private sector entities to address concerns and initiate developments in financial technology.

Leave a Reply

Your email address will not be published. Required fields are marked *