FedRAMP: A Heavyweight Security Framework for Cloud Service Providers

FedRAMP laptop keyboard

The real first rule about FedRAMP is that it’s a certification companies should get if they want to prove that their cloud services and products are secure enough for U.S. government data.

Read the full September 6, 2018 article published on cybersecurityventures.com here.

In its latest Compliance Report for Cybersecurity Ventures, Sera-Brynn shares how the FedRAMP rules came into being, who should care about FedRAMP, and why being FedRAMP certified is important for companies.

“The U.S. government strives to use a mix of commercial cloud technologies, private government clouds, and regional state and local government clouds. FedRAMP, or the Federal Risk and Authorization Management Program, certifies both public and private sector cloud service providers (CSP). It is rigorous. The assessment must be done by an authorized assessor. The process to become that authorized assessor is also rigorous. So, if you want to get in the ring and become a FedRAMP-authorized CSP or assessor, be prepared: it may not be a slugfest, but it’s challenging.”

For more information on Sera-Brynn’s FedRAMP assessment services, email fedramp@sera-brynn.com