FedRAMP and Who?

The Federal Risk and Authorization Management Program (FedRAMP), is a compliance program established by the U.S. government to standardize security assessments including but not limited to, authorization, and continuous monitoring of cloud products and services used by federal agencies. Any cloud service provider (CSP) offering services to federal agencies must be FedRAMP certified, including those handling non-classified federal data. The image below will provide some details of the 20 Core Requirements of certification. Obtaining certification is one of the harder ones to obtain.