Cloud adoption rates among state, local and federal government sectors have increased significantly over the last several years, but are these institutions doing everything they can to protect incredibly sensitive government data?
The government has historically been slow to upgrade their technology suite. Many say this is due in part to small budgets and bureaucratic process, but this is not the case for cloud implementation. While it’s encouraging to see the government sector stay up to date in terms of new technology adoption, what many agencies do not understand is that cloud security is a shared responsibility.
In 2012 the federal government introduced the Federal Risk and Authorization Management Program or FedRAMP. This standard was developed to confirm a consistent way for cloud service providers to offer security assessments, authorizations, and continuous monitoring to government organizations. FedRAMP assures that the cloud provider is doing its part, but it is ultimately up to the government organization to ensure they have safeguards implemented to prevent, detect, and response to cyber-attacks as they are introduced.
NNT’s real-time, continuous approach to compliance, configuration-drift reporting and breach detection provides a cohesive means of demonstrating compliance with FedRAMP requirements. By using Closed-Loop Intelligent Change Control, all changes are assessed automatically and while any ‘known/good’ changes (such as scheduled patches) are logged, only unexpected, unusual - and therefore suspicious - changes are reported for review and remediation.