Let FedRAMP be your security guide

Living in the Washington, DC area, we are bombarded with advertisements touting services for the government. These ads include everything from logistics services, to basic office services provided by companies that support the physically challenged, to technology services. Ads that resonate with me are the ones for “cloud” services that tout being FedRAMP certified.

Hard shell security leads to a gooey mess

Continuing the discussion on the state and future of #MyIndustry, the information security industry, I bring you commentary based on the most recent news. UCLA Health may be ranked as one of the best healthcare facilities in the nation, but when it comes to information security it is as common as anyone else. On July 17…

“Best Practice” shows the cloud’s security weaknesses & Amazon contributes

When an information security analyst performs a risk assessment, the analyst is supposed to look at the full systems architecture in order to determine whether the required confidentiality of the data can be maintained, the integrity of that data can be proven, and the data is made available in a manner consistent with the business requirement. The analysis should also take into account the impact of the availability of the system.

Why isn’t violating FISMA a crime?

The following is the text of a letter that was sent to Sens. Ben Cardin and Barbara Mikulski. A copy was also sent to Rep. Chris Van Hollen: As I watched the reporting of the interaction between the House Oversight and Reform Committee and OPM Director Katherine Archuleta and OPM CIO Donna Seymour, I realized that no matter how many times government officials are scolded by members of Congress, there will remain no consequences for the OPM’s issues.
