The National Institute of Standards and Technology’s held the Cloud Computing Forum & Workshop to kick off two initiatives around Cloud Computing: FedRAMP and SAJACC. The first Federal CIO ever appointed, Vivek Kundra, spelled out the Federal Government’s staggering IT needs (and these numbers don’t even include the NSA): “$76B in IT spending annually, 10,679 IT systems, 300M customers and 1.9M federal employees.”
FedRAMP, spearheaded by the federal CIO Council, is a unified government-wide risk management program focused on developing accepted cloud computing environments. Although the goal of FedRAMP is to provide security authorizations and continuous monitoring of shared systems (clouds initially), individual agencies will still be have the authority and responsibility to use systems that meet their specific security needs. So while agencies will be able to save significant time and money by leveraging the FedRAMP authorizations, it will not be a requirement.
FedRAMP will work with a vendor (currently Microsoft and Google are in pilot mode) to evaluate their overall security environment and publish a list of security controls. FedRAMP will likely not meet the goals of all agencies, so moving to cloud will still require some security work. While FedRAMP will be based on the new NIST security framework that included DoD – there still will be some gaps between civilian, DoD and Intel agencies that will not make FedRAMP certification a slam-dunk for vendors. All of the implementation details on how this is funded, who monitors the systems after certification and who executes and enforces FedRAMP are also all TBD.
The other initiative, Acceleration to Jumpstart the Adoption of Cloud Computing SAJACC (pronounced Say – Jack) sponsored by NIST will be examining use cases, specifications and pointers to systems to help promote cloud solutions. The current focus is on IaaS since there are more standards around how to use foundational infrastructure like servers and storage. The big focus for SAJACC is portability, interoperability and security in the cloud. NIST is creating a portal where folks can see how government is using the cloud and work to connect them to solutions. Like FedRAMP, the details still need to be ironed out in terms of commercial software licensing and the process for vendor evaluation; however, they already identified nine systems that will be included in the portal.
Terremark must be licking their chops. Very good for the industry, no matter what.
Pingback: turbine a glace
Pingback: cuiseur vapeur
Pingback: http://www.balaivapeur.org/
Pingback: barbecue gaz
Pingback: aspirateur-silencieux.fr
Pingback: aspirateur balai
Pingback: facebook. of sex
Pingback: montres homme
Pingback: montre automatique
Pingback: http://www.decodeurtnt.org/
Pingback: white watches for women
Pingback: phentermine negative review
Pingback: phentermine abuse
Pingback: tables basses
Pingback: phentermine no rx
Pingback: sacoche homme
Pingback: imprimante laser couleur
Pingback: téléphone fixe sans fil
Pingback: sorbetière
Pingback: disque dur externe pas cher
Pingback: casque audio sans fil
Pingback: telephone fixe
Pingback: paul
Pingback: site
Pingback: gps moto pas cher
Pingback: robot multifonctions
Pingback: mens automatic watches
Pingback: sac a main pas cher
Pingback: montres femmes
Pingback: tireuse a biere
Pingback: Degenerative Joint Disease
Pingback: plancha gaz
Pingback: lit parapluie
Pingback: white watches
Pingback: robot ménager
Pingback: Great Site
Pingback: buy unique hoodia
Pingback: echelle telescopique
Pingback: reflex numerique
Pingback: http://www.flukiest.com/media?f_blog_id=331349
Pingback: mens white watch
Pingback: garmin forerunner 305
Pingback: friteuse sans huile seb actifry
Pingback: http://www.bottespascher.net/
Pingback: glaciere electrique
Pingback: tente de camping
Pingback: autoradio dvd gps
Pingback: Top Audio Interface
Pingback: photocopiers kent
Pingback: Bob