by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : September 30, 2014
Fo C o f For government agencies looking to take advantage of the cost, scalability computing provides, there has never been a safer time to get started. and Authorization Management Program (FedRAMP). The program, which started in 2012, provides agencies and contractors with a series of steps regarding security assessment, authorization and continuous monitoring for cloud products and services. It includes more than 300 security controls. FedRAMP recently took a giant leap forward. Starting in June 2014, cloud service providers working with the federal government must have their cloud about a dozen cloud vendors have been authorized to operate cloud services on behalf of the federal government, and addition, more than two dozen third-party assessment organizations have passed the requirements to verify cloud vendors' FedRAMP compliance. There are other reasons why agencies is assured. One way is by relying on the National Institute of Standards and Technology's (NIST) guidelines on security and privacy, including its Cloud Computing Security Reference Architecture. The architecture helps agencies choose cloud-based services that in the most secure manner. And defense agency clouds can now rely on FedRAMP in addition to DOD requirements, instead of also having to comply with the DOD Accreditation Process (DIACAP). In addition to working only with cloud service providers whose offerings have agencies should ask these questions before making a decision: • Does your system meet our other security requirements? These may include SOC, ITAR; HIPAA; FISMA Low, Moderate or High; any number of other state regulations. • Have your personnel all passed background checks? • Are your data centers on U.S. soil? requirements? • Does your security policy include provisions that require notifying customers of security breaches? • How do you guarantee your Service Level Agreement (SLA)? • What is your disaster recovery plan? • Do you have other government customers? Can we talk to them? G m GAME CHANGING ECHNOLOG O MEE AGENC MI ION SPONSORED REPORT SECURE HYBRID CLOUD FOR GOVERNMENT MUCH LIKE MULTIPLE TENANTS share an apartment building, a multi-tenant cloud is one where several organizations share a computing resource in the cloud. A multi-tenant architecture distributes a single instance of software or other resource among multiple users. Each organization's data is separated from the rest and fully secure. Here is what you need to know: Q: m - A: A tenant is an application that requires its own separate, secure computing environment. In a multi- tenant environment, a cloud service is shared among several organizations and managed by all of the organizations together or a third party managed service provider. Q: How m - r from br o A: A hybrid cloud is a mix of public and private clouds, while a multi-tenant cloud is an infrastructure shared by several organizations that can include several private clouds, a combination of public and private clouds, or only the public cloud. Q: How r m - o A: ince multiple organizations are sharing resources, security is critical. In addition to being FedRAMP- certified, a secure multi-tenant cloud will encrypt data both at rest and in motion, fully separate the data of each group sharing the resource, and require usernames and passwords. Nobody---not even the hosting provider---can access an organization's data. Q: I m - o m omm o A: Basically, yes. he idea is the same; a cloud service model shared by several organizations with similar requirements. It's ideal for organizations collaborating on projects, research or applications. In the case of government, several agencies that need to operate under a HIPAA-compliant infrastructure might use this model. Q: r b fi of m - v ro m A: Because you're sharing resources, costs are lower. And even though you're all sharing one instance of an application, for example, you can still customize your instance. WHAT IS MULTI-TENANCY, ANYWAY?
September 15, 2014