Featured Coalfire Video

See why organizations in a wide range of industries turn to Coalfire to address their IT GRC challenges.

The Coalfire Blog
Formalized IT Security Policy Now Required for Government Prime and Sub-contractors

This month the GSA announced an IT security mandate for government prime- and sub...

Government and Public Sector

Proven IT GRC Solutions to Protect Citizens

In order to provide timely and accurate services, federal, state, and local government agencies along with countless public sector organizations process vast amounts of data and sensitive personal information. Just as these agencies are facing growing pressure to operate more effectively and efficiently, they are confronted with an increasing number of governance, risk, and compliance regulations that hinder their day-to-day operations. These entities are struggling to find ways to function smoothly and provide a secure environment for the sensitive data they require to operate.


Compliance Matters

Increased scrutiny and the exposure of data breaches by some state and local governments have made IT security policies a top priority for government and public sector organizations at every level. The Federal Information Security Management Act (FISMA) was created to provide better public service and secure federal information systems. Compliance with these standards is mandated to ensure the security of this public and private information. As government and public sector organizations strive to understand these regulations, the race is on to adopt state and federal security policies and to repair the breach in trust with the public they serve. In addition, the government's new cloud first initiative is requiring government agencies to move three low-impact and moderate-impact systems to the cloud by 2015. As such, the government has developed the Federal Risk Authorization and Management Program (FedRAMP) that commercial cloud service providers (CSP) must go through to receive a provisional authority to operate; to host government data.

Coalfire Can Help

Coalfire offers rich IT security expertise to guide the initiatives that align with FISMA requirements that agencies, their vendors and sub-contractors must meet. As part of the FedRAMP requirements, CSPs must be assessed by an independent third pary assessor. As one of the early audit and assessor firms accredited as a FedRAMP Third Party Assessment Organization (3PAO), Coalfire can provide any necessary advisory or assessment services to demonstrate a cloud environment meets the controls, processes, procedures and security requirements of FedRAMP. In addition, our balanced IT compliance program helps federal, state, and local government entities achieve regulatory compliance and mitigate complexities. Our IT security assessment services are founded on state and federal regulations as well as IT security best practices. At the local level, Coalfire has provided security assessments for cities, counties, airports, public utilities, and port authorities.

Follow us to get the latest updates.