Cloud service providers (CSPs) working with Federal agencies must undertake the process of FedRAMP certification. To better facilitate that process, the government and FedRAMP governing bodies have developed several tools and programs to help them accomplish this. One of these, introduced in the last 5 years, is the FedRAMP Accelerated program and the FedRAMP Ready designation.

Learn more about the FedRAMP ready path, how it can help your organization achieve full ATO, and the important role that 3PAOs play in the process. 

Read More

Cloud providers and Managed Service Providers are increasingly looking to expand their potential client base and instill trust with their existing partners. One way they do this is through meeting compliance audits and standards in areas like healthcare and government (like FedRAMP or HIPAA), and the more stringent and comprehensive the better. That’s why many cloud providers look to federal compliance and contract work.

FedRAMP compliance, required for cloud providers in the federal space, isn’t an easy standard to meet. It requires working closely with an authorized security partner and meeting the exacting security IT control standards outlined in NIST Special Publication 800-53. 

Read More

We recently wrote an article discussing, briefly, a data breach for the security firm FireEye. At the time, FireEye claimed that the breach was the result of a foreign attack, a state-sponsored cyberattack, an event that has unfortunately become the norm in 2020. As we, along with the rest of the country, have learned the FireEye breach was connected to the massive SolarWinds hack, one that many are calling one of the largest security breaches in U.S. history. 

Here, we’ll talk about some of the basics of the attack, including how it happened and its impact. The lessons we can learn from the SolarWinds hack can emphasize just how important risk management is for companies large and small across the U.S.

Read More