FedRAMP and the Department of Defense's Security Requirements Guide
Coalfire receives many questions on understanding the Department of Defense (DoD) security requirements for Cloud Services. The DoD is a major procurer of information systems and frequently sets the standards for civilian agencies to follows. Additionally security requirements developed for DoD are considered to be industry best practice and are frequently incorporated into best-of-breed solutions. Given the focus on cybersecurity, understanding how the DoD plans to implement cloud security is of particular interest. This paper briefly reviews FedRAMP, summarizes the SRG and supplemental DoD requirements, and provides guidance for CSPs that are interested in upgrading to the new baseline.
This document requires registration. Please fill out the form to the right to receive access.