We’ve written a few articles and resources on StateRAMP certification for Cloud Service Providers (CSPs). However, there are multiple parties involved in the process. One of the most important is the State agency searching for a secure CSP partner.  Here, we’ll discuss some of the high-level steps that a State agency must take to adopt StateRAMP requirements. This includes the necessary contacts, infrastructure, and documents needed to conform with StateRAMP.

Read More

StateRAMP, like FedRAMP, is a complex process geared towards helping Cloud Service Providers (CSPs) serve important government agencies. To ensure that these CSPs are up to date on the latest and strongest security and risk management tools and procedures, both FedRAMP and StateRAMP require CSPs to work with an independent party, called a 3PAO. 

If you’re just getting started as a CSP in the government space, or you’re a security firm interested in learning more about what it takes to be a 3PAO, then you’ll want to know more about the role of a 3PAO in these security frameworks.

Read More

Cloud Service Providers (CSPs) are quickly filling the gap for the computing and storage needs of government agencies. Both Federal and State governments are turning to enterprise-level tools, technologies, and practices to better manage citizen data and modernize critical infrastructure and services. They do this, naturally, by handling private citizen data that requires protecting, which means that cloud providers need to adhere to critical security standards like StateRAMP. 

Read More