Blog
This week, FedRAMP published one tip for Cloud Service Providers (CSPs): TIP: When submitting the Annual Assessment (AA) package, the final Security Assessment Plan (SAP), Security Assessment Review (SAR), System Security Plan (SSP) and Plan of Action & Milestones (POA&M) documents must be submitted no later than the P-ATO anniversary date. CSP’s should plan carefully...
Are Government Agencies Using Chatbots? While the private sector has embraced chatbots very quickly, the public sector has been slower to adopt this disruptive technology. Despite the slower adoption, there are some examples of government agencies using chatbots and enjoying the many benefits chatbots provide as a result. Here are 4 government agencies using chatbots right...
Can Government Chatbots Increase Customer Engagement? Government agencies always need to find ways to do more with less. And as the population continues to grow, agencies need to simultaneously increase the level of services they provide to the public. To that end, chatbots offer a great opportunity for government agencies to increase engagement with customers with new...
So Ummm… What is a Chatbot? 2017 is the year of the chatbot revolution–chatbots are starting to pop up all over Facebook, retail websites, and even federal/state/local government websites. This begs the question: what exactly is a chatbot? Do you need a primer to explain what a chatbot is and how it can help your...
Can Chatbots Perform Government Services Better Than Humans? Chatbots are excellent at performing well-defined, repetitive, and tedious tasks that require simple user input. In fact, chatbots are so good at these tasks, they can perform them better than humans can! While chatbots will never completely replace the human element at government agencies, technology has reached a point...
This week, FedRAMP published two tips about significant change requests and POA&M items: TIP: When submitting a Significant Change Request (SCR), always discuss the change with your reviewer prior to submitting the form. A CSP is often inclined to err on the side of caution and evaluate a change as significant when it may not...
Microsoft is a leader in FedRAMP certified services–as of September 2017, Microsoft offers 12 services in Azure (the commercial version) that are FedRAMP-certified at the Moderate Impact Level, and 32 services in Azure Government that are FedRAMP-certified at the High Impact Level. Additionally, Azure and Azure Government have both earned P-ATOs from the FedRAMP Joint...
This week, FedRAMP published two tips about security controls and incident response plans: TIP: AC-2 and IA-2 are closely related. Every group, account, or role defined in AC-2 must be explicitly addressed in IA-2. AC-2 is used to define the groups, accounts, and roles, who may be assigned to one, and how they are managed...
As we’ve continually noted in our recent blogs, Microsoft doesn’t hold back on making sure their software is continually updated for your benefit. In Office 365 Government, you find updates almost every month of the year, with recent ones focusing more pointedly on collaboration features. One feature that’s recently had a big update is Office...
This week, FedRAMP published questions and answers that discuss System Security Plans, and continuous monitoring: Q: A service previously documented in the System Security Plan (SSP) was renamed. How do we reflect the name change when we submit a Deviation Request (DR) for a vulnerability that affects the renamed service? A: Please provide a brief...