by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : February 2014
Cloud service providers are supposed to meet the government s baseline cloud security standards by June 5. But it s not entirely clear what will happen if they don t. CSPs that fail to achieve Federal Risk and Authorization Management Program (FedRAMP) compliance by that date face the uncomfortable possibility of getting the agency or department they contract with in trouble with oversight bodies, according to a spokesperson for the Office of Management and Budget, which will play an oversight role in ensuring FedRAMP compliance. However, it s not as though the cloud services will be halted on the spot. "OMB will work with agencies through normal oversight processes and channels to measure and analyze agency efforts with regards to this pro- vision," the spokesperson said. That means attention from inspec- tors general and potentially the Gov- ernment Accountability Of ce, which What happens after the FedRAMP deadline? Of ce of Personnel Management employees are being laid off due to reduced agency hiring 356 Trending already has a busy year ahead in fed- eral IT. Such reports are likely to be critical not only of the CSPs but also of the agencies themselves, particu- larly CIOs. "We expect an onslaught of com- panies approaching us to leverage us for FedRAMP compli- ance, and no CIO wants to be in those oversight reports," one source from a FedRAMP-com- pliant CSP told FCW. "Some companies are going to hope the dead- line gets pushed back, but they re going to have to spend money to pro- tect their revenue." However, because achieving com- pliance requires a signi cant invest- ment of time and money, the source said some companies might opt to take a wait-and-see approach. If the reper- cussions aren t there after the deadline, some might gamble and continue to delay. Thus far, 10 companies have earned FedRAMP compliance for 13 solutions through either an agency author- ity to operate or approval from the FedRAMP Joint Authorization Board. Another group of CSPs is somewhere in what is typically a four- to six-month- long FedRAMP process. The FedRAMP policy memo states that "all currently implemented cloud services or those services currently in the acquisition process" must meet the FedRAMP security authorization requirements, which consist of 298 security controls based on National Institute of Standards and Technol- ogy guidelines. The OMB spokesperson said those standards are not set in stone and will continue to "evolve and be updated over time," much like cloud technology itself (see related story on Page 29). "This is a re ection that cyberse- curity is a dynamic rather than static eld," the OMB spokesperson said. "Additionally, as the cloud computing industry matures and the government s adoption of cloud computing increases, FedRAMP will gain additional knowl- edge and lessons learned, which will inform the FedRAMP security controls baseline." --- Frank Konkel FCW CALENDAR Data center consolidation This event, produced by FCW parent company 1105 Media, will look at the tools available for consolidating when working with big data. Washington, D.C. http://is.gd/FCW_bigdata Budget AFCEA Bethesda's monthly breakfast will focus on scal 2015 with its fth annual Federal IT Budget Preview. Bethesda, Md. http://is.gd/aduquz 2/20 2/19 Energy tech The ARPA-E Energy Innovation Summit will feature ARPA-E Acting Director Cheryl Martin and discussions on the role of big data. National Harbor, Md. http://is.gd/igucul 2/24-26 February 2014 FCW.COM 3
March 15, 2014