Evaluating Vendors for SOC 2 Compliance

Modern enterprises rely increasingly on a complex network of vendors and service providers to handle their infrastructure. From security and cloud computing to applications and logistics, these providers often handle the most important data that the enterprise generates or processes.

That’s why organizations must look at their vendors with more scrutiny. For example, working with vendors that adhere to SOC 2 standards is a solid way to ensure that these providers maintain proper data security practices.

Revising FedRAMP Continuous Monitoring with the New OMB Memo

The draft memo released by the OMB signals many potential changes for the FedRAMP program, especially for the continuous monitoring process. Continuous monitoring is a crucial part of FedRAMP that ensures that CSPs maintain compliance. 

However, this process can also prove complicated and costly for cloud providers, especially small or unique companies offering innovative solutions. The new OMB memo addresses this by rethinking continuous monitoring.

Authorization Paths in the New FedRAMP OMB Memorandum

In the ever-expanding cosmos of cloud computing, the Federal Risk and Authorization Management Program (FedRAMP) is the primary standard for cloud service providers working with federal agencies. Recognizing this, the Office of Management and Budget (OMB) has released a draft memorandum to revitalize FedRAMP, signaling a pivotal transformation to enhance the program’s efficiency, agility, and responsiveness to modern security threats. 

This article will explore the newly proposed authorization paths for FedRAMP, how they differ from the previous standard, and what that might mean for cloud products and providers. 

 
