|
|
|
|
|
|
by ritwikgupta
397 days ago
|
|
|
This is about changing the way FedRAMP accreditation is done for any cloud service, like Box (or a new SaaS that you may create tomorrow). The FedRAMP process requires you go through a certain set of audits, meet a certain set of standards, etc., in order to be approved to host CUI (IL4/5) or SECRET (IL6) information. Normally this can take a lot of time and monetary investment. On one hand, these processes encode cybersecurity best practices. On another hand, it keeps new companies out of the market. It seems this effort is doing away with a lot of those processes. I hope the level of compliance stays the same. |
|
|