Will FedRAMP improve cloud security?

January 19, 2012 Published by  SearchCloudSecurity.com Cloud Security Briefing FedRAMP cloud computing standards initiative spurs optimism, criticism Marcia Savage, Site Editor Industry experts and cloud service providers are hopeful about the prospects of a new federal program that sets cloud computing security standards, but they also note some potential pitfalls. For one security expert, the program represents a lost chance to improve cybersecurity. The Obama Administration last month launched the Federal Risk and Authorization Management Program (FedRAMP), which sets a standard approach for assessing the security of cloud services and products against a baseline of controls. The goal is to cut the cost and time spent on redundant agency security assessments and cloud authorizations.Read more Subscribe via RSS Book chapter: Cloud security assessment techniques In Securing the Cloud, author J.R. "Vic" Winkler describes techniques to secure cloud computing. Winkler provides a framework for enterprises to transition to the cloud safely, taking into account alternate approaches, such as private vs. public and SaaS vs. IaaS. The book covers architectural aspects of securing a cloud, requirements for cloud data security and security criteria for building an internal cloud. Cloud risk assessment and ISO 27000 standards NIST guidance cites cloud security gaps, need for standards The National Institute of Standards and Technology (NIST), which has produced technical information security guidance since 1990, has been working to develop the technology and security standards necessary to deploy government services in the cloud. Last month, NIST released its three-volume draft document, SP500-253 U.S. Government Cloud Computing Technology Roadmap. Cloud computing disaster recovery: Best practices for DR in the cloud Your Information Technology Portal Stay up to date with IT resources, blogs and events Bitpipe.com: An IT resource library ITKE: Get answers to your toughest IT-related questions IT Events: Meet the experts and learn from those who have gone before you ABOUT THIS E-NEWSLETTER This e-newsletter is published by SearchCloudSecurity.com, part of the TechTarget network. TechTarget provides IT professionals with the resources they need to perform their jobs: Web sites, newsletters, forums, blogs, white papers, webcasts, events and more. Copyright 2012 TechTarget. All rights reserved. Designated trademarks and brands are the property of their respective owners. This email is published by the TechTarget Security Media Group. Copyright 2011 TechTarget, Inc. All rights reserved. Designated trademarks and brands are the property of their respective owners. To unsubscribe from all TechTarget Security Media Group, Go to unsubscribe. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466 Contact: webmaster@techtarget.com When you access content from this newsletter, your information may be shared with the sponsors of that content as described in our Privacy Policy.