New FedRAMP Compliant CSPs!
The FedRAMP PMO is excited to announce two new FedRAMP compliant cloud systems!
FedRAMP now has 34 compliant CSP systems! A complete list of all FedRAMP compliant CSPs can be viewed here.
Draft FedRamp-TIC Overlay Available for Public Comment
The FedRAMP PMO and TIC Initiative are jointly requesting feedback on a DRAFT FedRAMP-Trusted Internet Connection (TIC) Overlay. This DRAFT overlay is the first step in updating TIC’s current reference architecture to allow for greater flexibility as agencies move to the cloud securely. The overlay will enable mobile users to directly connect to Federal cloud system without utilizing a TIC Access Provider (TICAP) or Managed Trusted IP Service (MTIPS).
FedRAMP and TIC are seeking US Federal Departments and Agencies, CSPs, and other stakeholders to provide comments on this DRAFT overlay. The 30 day open comment period is from April 2, 2015 to May 1, 2015. All details about this request for feedback and documents to review are available at: www.FedRAMP.gov.
The FedRAMP PMO is excited to announce the addition of three accredited 3PAOs:
- GMS Registrar Ltd
- Lattimore, Black, Morgan, and Cain, P.C
- MindPoint Group, LLC
A full listing of all FedRAMP accredited 3PAOs can be viewed here.
FedRAMP Tip of the Month:
There’s no time like the present. While the requirement for notifying your FedRAMP ISSO on any significant change to your environment is at least 30 days, letting us know earlier rather than later of the potential change can help diffuse any questions and ensure the appropriate process is followed. Please keep in mind that a Significant Change Form (significant change as defined in the approved SSP), Security Impact Analysis, and appropriate supporting artifacts (if applicable: network topology, data-flow diagram, scan results, etc.) must be provided to your ISSO for review prior to implementing the change. Your ISSO will review the proposed change for any impacts to your environment’s security posture and determine next steps.
The Significant Change Form can be found [here:] (https://www.fedramp.gov/resources/templates-3/)
- Taken the Introduction to FedRAMP and Cloud Service Provider (CSP) Readiness Process training? It will help you learn about the program, how to navigate the process, and answer many of your questions.
- Followed @FedRAMP on Twitter? Stay up-to-date with news and upcoming events as well as interact with the PMO.
- Follow the FedRAMP team too! Find FedRAMP Director Matt GoodRich at @MrFedRAMP, Program Manager for Cybersecurity Claudio Belloli at @SecureCloudio, and Program Manager for Operations John Hamilton at @HamiCoud.
- April 21: ISACA National Capital Area Chapter. Rosslyn, VA
- April 22: RSA Conference, San Francisco, CA
- April 22: Economic Systems Conference, Washington DC
- May 5: Cloud Security Alliance Federal Summit, Washington DC
- May 14: FedRAMP Forum, Falls Church, VA
FedRAMP in the News
- FedRAMP: What you need to know , CSO Online
- FedRAMP eyes TIC overlay , WJLA
- GSA unveils plan to allow TIC compliance for FedRAMP services , FCW.com
- DHS trying to smooth the integration of cloud, network security programs , FederalNewsRadio.com
- FedRAMP wants to merge cloud, trusted Internet guidelines , Federal Times
- New FedRAMP rules aim to help agencies meet TIC requirements , FedScoop
- FedRAMP, DHS aim to merge TIC and cloud security authorization through single process , FierceGovernmentIT
- New FedRAMP, DHS initiative aims to make it easier for Feds to access the cloud , NextGov
- Coalfire Public Sector completes FedRAMP audit for Huddle cloud , Business Wire
- Huddle achieves FedRAMP Authority to Operate (ATO) from USAID , Digital Journal
- Huddle cloud collab service gets FedRAMP ATO from USAID , ExecutiveBiz
- A FedRAMP OK for Huddle , FCW.com
- First cloud collaboration software gets FedRAMP approval , Federal Times
- Huddle earns FedRAMP ATO for its cloud collaboration , FedScoop
- Huddle beats Box to FedRAMP certification , Forbes
- Huddle earns FedRAMP ATO from USAID , GCN.com
- Huddle’s ‘collaborative’ cloud offering latest to get FedRAMP seal of approval , NextGov
- Huddle’s SaaS collaboration tool is first to win key Federal endorsement , SiliconANGLE
- Huddle achieves FedRAMP Authority to Operate (ATO) from USAID , Virtual Strategy Magazine
- Coalfire Public Sector completes FedRAMP audit for FedRAMP Huddle cloud , Yahoo UK
- Huddle garners FedRAMP certification for government cloud data , ZDNet
- Ninetex Workflow Solutions are now available as a FedRAMP compliant cloud service , Thomasnet.com
- The top cloud providers for government , ZDNet
- Sonny Hasmi, former CIO of the GSA, joins Box to lead Federal government strategy , MarketWatch