FedRAMP Weekly Tips & Cues – August 8, 2018

This week, FedRAMP published two Tips for Cloud Service Providers(CSPs):

Cloud Service Providers (CSPs)

Tip: Boundaries for FedRAMP Cloud Service Offerings (CSOs) must have established demarcation points.

This means that entry and exit points must be limited, centralized, and well controlled and applies even for a Platform as a Service (PaaS).

Cloud Service Providers (CSPs)

Tip: Ensure that any FIPS 140-2 modules in use have an active, current, and valid certification.

Document FIPS 140-2 certification/validation numbers and dates in the SSP and ensure that the certification is relevant. It is also crucial that the modules remain active and unchanged during the initial P-ATO testing period.

More Information

Read more about this week’s FedRAMP’s Tip and cues here

Free Chatbot Call-To-Action