From: The Washington Post
Federal cyber security measures related to cloud computing could be evolving faster than the IT procurement process.
The General Services Administration recently issued a transition plan helping cloud computing service providers understand which versions of an evolving security standard they must adhere to.
The GSA’s Federal Risk and Authorization Program, called FedRAMP, is a system of standardized security assessments authorizing cloud service providers to sell to the federal government. The FedRAMP management office said updates to the security requirements are expected to be published on June 1, 2014.
But depending on what stage providers are in the contracting process, they may adhere to existing standards, according to the guide.