What is the Cybersecurity Maturity Model Certification Framework (CMMC)?

Mar 5, 2021 Lazarus Alliance 0 Comment

Government work is the new and lucrative frontier for IT and cloud providers, and part of its competitiveness is the rigorous requirements for service providers that weed out those who aren’t prepared for such work, leaving effective and professional outfits that can function at a high-level and provide services that other companies can’t.

While many providers know about standards like FedRAMP or NIST requirements, not many know about CMMC. This relatively new framework impacts IT and cloud providers who want to work with agencies under the Department of Defense (DoD) but provides a clear picture of the requirements these providers must meet to work with sensitive data.

What is Continuous Monitoring for StateRAMP Cloud Service Providers?

Feb 24, 2021 Lazarus Alliance 0 Comment

StateRAMP continuous monitoring featured

Part of StateRAMP compliance certification is the practice of continuous monitoring, where Cloud Service Providers (CSPs) and Third-Party Assessment Organizations (3PAOs) work together to ensure secure cloud environments that meet requirements for data protection.

What is the Role of the 3PAO in StateRAMP Certification?

Feb 11, 2021 Lazarus Alliance 0 Comment

StateRAMP, like FedRAMP, is a complex process geared towards helping Cloud Service Providers (CSPs) serve important government agencies. To ensure that these CSPs are up to date on the latest and strongest security and risk management tools and procedures, both FedRAMP and StateRAMP require CSPs to work with an independent party, called a 3PAO.

If you’re just getting started as a CSP in the government space, or you’re a security firm interested in learning more about what it takes to be a 3PAO, then you’ll want to know more about the role of a 3PAO in these security frameworks.