Federal Cloud Computing

The Definitive Guide for Cloud Service Providers

Matthew Metheny

  1. 536 pages
  2. English

About this book

Federal Cloud Computing: The Definitive Guide for Cloud Service Providers, Second Edition offers an in-depth look at cloud computing within the federal government, including the Federal Cloud Computing Strategy, Cloud Computing Standards, Security and Privacy, and Security Automation.

You will learn the basics of the NIST risk management framework (RMF) with a specific focus on cloud computing environments, all aspects of the Federal Risk and Authorization Management Program (FedRAMP) process, and steps for cost-effectively implementing the Assessment and Authorization (A&A) process, as well as strategies for implementing Continuous Monitoring, enabling the Cloud Service Provider to address the FedRAMP requirement on an ongoing basis.

This updated edition covers the latest changes to the FedRAMP program, including clarifying guidance on the paths for Cloud Service Providers to achieve FedRAMP compliance, an expanded discussion of the new FedRAMP Security Control, which is based on NIST SP 800-53 Revision 4, and maintaining FedRAMP compliance through Continuous Monitoring. Further, a new chapter has been added on the FedRAMP requirements for Vulnerability Scanning and Penetration Testing.

  • Provides a common understanding of the federal requirements as they apply to cloud computing
  • Offers a targeted and cost-effective approach for applying the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF)
  • Features both technical and non-technical perspectives of the Federal Assessment and Authorization (A&A) process that speaks across the organization

Information

Publisher: Syngress
Year: 2017
ISBN: 9780128096871
Edition: 2
Subtopic: Cybersecurity

Chapter 1

Introduction to the federal cloud computing strategy

Abstract

In this chapter, the Federal Cloud Computing Strategy is introduced, followed by a brief history of information technology (IT) within the US federal government beginning with the mainframe and concluding with the transition to mobility. A chronicle of the major IT-related legislation and policies provides insight into the governance of federal IT policies that have been developed over time to address governance, IT management, information security, security and privacy issues with the adoption of new technologies within the federal government. It further presents the federal IT transformation through a summary of the Federal Cloud Computing Strategy beginning with the drivers for adoption and ending with the application of the decision framework for cloud migration.

Keywords

OMB policies; federal IT transformation; federal IT policies; cloud computing; cloud migration; cloud strategy; Cloud First policy; 25 Point Implementation Plan

Information in this chapter:

  • Introduction
  • A Historical View of Federal IT
  • Cloud Computing: Drivers in Federal IT Transformation
  • Decision Framework for Cloud Migration

Introduction

In February 2011, the former US Chief Information Officer (CIO), Vivek Kundra, published the Federal Cloud Computing Strategy, herein referred to as the “Cloud Strategy.”¹
The Cloud Strategy, as illustrated in Fig. 1.1, was one of six major components of the 25 Point Implementation Plan to Reform Federal Information Technology Management, the US CIO’s roadmap to the cloud. The roadmap focused on shifting to cloud services, which can be deployed rapidly, and shared solutions that will result in substantial cost savings, allowing federal agencies to optimize spending and to reinvest in their most critical mission needs [1].

Figure 1.1 25 Point implementation IT reform plan—“Roadmap to the Cloud.”
In the 25 Point Implementation Plan to Reform Federal Information Technology Management, the Cloud First policy, also referred to as “Cloud First,” requires federal agencies to implement cloud-based solutions whenever a secure, reliable, and cost-effective cloud option exists. The publication of the Cloud Strategy facilitates the implementation of the Cloud First policy by initiating a program² to “accelerate the safe and secure adoption of cloud computing across the government” [2]. Additionally, the Cloud Strategy directs the National Institute of Standards and Technology (NIST) to lead the standards development³ related to security, interoperability, and portability, to reduce barriers to cloud adoption by federal agencies.
In the Cloud Strategy, the US federal government’s strategic approach for the adoption of cloud computing technologies was described, including the potential benefits, considerations, and trade-offs [2]. The strategy also provided a decision framework⁴ for federal agencies to use in outlining their plan for using cloud computing services. The migration plans and government-wide initiatives help identify candidate cloud services to improve their efficient use of IT investments to support their missions by leveraging shared infrastructures and economies of scale. The decision framework focused on changing how federal agencies approached the acquisition and use of IT⁵ and how they could effectively integrate cloud services into their IT portfolio.
The Cloud Strategy also established a set of basic principles and guidelines that decision-makers within federal agencies could use to accelerate their secure adoption of cloud services. Through the strategy, federal agencies were empowered with the responsibility for making their own decision on “what” and “how” to migrate to the cloud in support of the government-wide Cloud First policy. The Cloud First policy creates the momentum for federal agencies to proactively adopt cloud computing services by requiring them to begin with the selection of three⁶ “cloud-ready”⁷ IT services.⁸ To assist federal agencies in acquiring (procuring)⁹ cloud services to meet the Cloud First policy, the US General Services Administration (GSA), through the Cloud Computing Services (CCS) Program Management Office (PMO), established contracts that federal agencies could leverage for purchasing commodity cloud services. As depicted in Fig. 1.2, Email as a Server (EaaS),¹⁰ a commodity cloud service, was one of the most common types of IT systems migrated to the cloud.

Figure 1.2 Total number of systems migrating to the cloud by type.
In the Decision Framework for Cloud Migration section, a three-step framework described the foundational elements that were identified as being necessary for building a successful cloud migration plan.¹¹ In addition, the Cloud First policy gave federal agencies the opportunity to exercise their migration plans¹² and develop and share “lessons learned” from their experiences. The Cloud First policy also established the requirement for a program¹³ to be developed that would encourage Cloud Service Providers (CSPs) to meet federal security and privacy requirements through the development of “government-ready” (or FedRAMP compliant¹⁴) cloud services.¹⁵
The federal government has started the shift from a traditional, asset-based model focused on acquiring IT to a service (or utility¹⁶)-based model focused on consuming IT services. Cloud computing was not only a change in the technology used by federal agencies, but also a cultural change.¹⁷ The “shift” towards cloud services required federal agencies to change the people and processes that are needed for procuring and provisioning cloud services. Cloud computing places an increased importance on how technology is planned, selected, and integrated.¹⁸ The new service-based approach to IT required federal agencies to learn how to manage services rather than assets. To provision cloud services effectively and optimize resources, federal agencies had to link the benefits of cloud computing to their IT strategic plans.¹⁹ In addition, federal agencies also had to establish new IT governance processes and practices to ensure the adoption of secure cloud services adhered to the federal information security and privacy requirements.
Note
Importance of Federal IT Strategic Planning in the Adoption of Cloud Computing
Government-wide IT strategic planning for information and IT management has been highlighted as a systematic challenge almost since federal agencies began using IT. As early as 1960,²⁰ the US General Accounting Office (GAO)²¹ “… call(ed) attention to the need for more positive central planning of a long-range nature within the executive branch of the government to promote the maximum degree of efficiency, economy, and effectiveness in the administration and management of costly automatic data processing facilities” [3].
However, it was not until 1980²² that the management of federal IT authority was centralized within the federal government. The Office of Management and Budget (OMB) was given government-wide responsibility to “oversee the use of information resources to improve the efficiency and effectiveness of governmental operations to serve agency missions” [4]. Federal agencies were also required to designate a senior agency official (also known as the Agency CIO) to be responsible for information resource management (IRM)²³ at the department and agency level. As the government-wide IRM activities evolved, Agency CIOs were also given additional responsibilities in developing “strategic plans²⁴ for all [departmental and agency] information and information technology management functions” [5].
IT Strategic Plans²⁵ play an important role in the adoption of cloud computing, specifically when planning the expected improvements in productivity, efficiency, and effectiveness. Agency CIOs will need to be more effective in aligning IT Strategic Plans with Agency Strategic Plans²⁶ that enable the development and monitoring of performance metrics used to evaluate the business value of cloud services. Therefore, the IT strategic planning process used by Agency CIOs will need to emphasize the establishment of criteria that are more focused on objectively and quantitatively measuring the benefits of the investment of cloud computing technologies across the department and agency.

²⁰ Review of Automatic Data Processing Developments in the Federal Government.
²¹ The GAO was established under the Budget and Accounting Act of 1921. On July 7, 2007, the General Accounting Office was changed to the Government Accountability Office.
²² Paperwork Reduction Act of 1980. Available from: http://www.gpo.gov/fdsys/pkg/PLAW-104publ13/html/PLAW-104publ13.htm....
