• Embed Doc
  • Copy Link
  • Readcast
  • Collections
  • CommentGo Back
Download
 
Slide 1
“A Federal Cloud Computing Roadmap”
A Federal Cloud ComputingRoadmap
John CurranServerVault Corp
 
Slide 2
“A Federal Cloud Computing Roadmap”
A Federal Cloud Computing Roadmap
Provides one possible answer to the question:
“What set of actions by the cloud computing industry (and related parties) would allow Federal agencies togain the benefits of cloud computing while maintainingcompliance with Federal IT policy?” 
Why is this important to discuss?
US Government is a potentially large, influentialcustomer for the cloud computing community
The closer we are to consensus on a roadmapfor the solution, the less fear, uncertainty & doubt will remain in circulation for our industry
Some technical controls may have interoperabilityor coordination aspects that have long lead times
 
Slide 3
“A Federal Cloud Computing Roadmap”
Cloud Computing is “Outsourced IT”
FISMA (Title III, Pub. L. No. 107-347), Section 3544(b)requires each agency to provide information security forthe information and “information systems that supportthe operations and assets of the agency, including thoseprovided or managed by another agency, contractor, orother source.” 
OMB M-08-21 includes specific guidance for use of contractor,outsourced, and/or SaaS services:
Security controls must be provided commensuratewith the risk and magnitude of harm of damage tothe information system (Risk Impact Level)
Agencies must insure all FISMA policy requirementsare met, including identical (not “equivalent”) securityprocedures and processes
Service providers must work with agencies to meet allrequirements including an annual agency audit/evaluation
of 00

Leave a Comment

You must be to leave a comment.
Submit
Characters: ...
You must be to leave a comment.
Submit
Characters: ...