The Federal Risk and Authorization Management Program office seeks public feedback on a draft baseline for hosting and securing high-impact federal information systems in cloud environments, FierceGovernmentIT reported Thursday.
Dibya Sarkar writes FedRAMP’s Joint Authorization Board currently only authorizes cloud offerings that require low- to moderate-level security.
The higher baseline is designed for the departments of Homeland Security, Defense, Veterans Affairs and other agencies that manage sensitive data.
“The intent of the baseline is to identify the federal standard that needs to be met at a minimum across … all uses of cloud computing services on federal data,” FedRAMP Director Matt Goodrich said during a webinar held Wednesday, according to the report.
JAB plans to issue a second draft this summer and release the final high security requirements before the end of this year, Sarkar reports.