by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : September 2013
Agencies are increasingly making plans to move to the cloud under the Obama Administration's "cloud first" mandate issued in 2010, under which agencies are to default to cloud-based solutions for IT needs "whenever a secure, re- liable, cost-effective cloud option exists." The Federal Risk and Authorization Management Program (FedRAMP), also mandatory for agen- cies using cloud, is intended as the main tool to enable that. What's already clear, however, is that Fe- dRAMP, which provides standardized security controls for cloud services, will only be the start of the migration process. For anything beyond relatively simple needs, agencies will still have to conduct extensive risk assessments of the ap- plications and services they want to go to the cloud for, and whether FedRAMP-accredited cloud service providers can ensure the security that's needed for them. For most of the common uses such as cloud- based email and backup storage, the secu- rity controls that FedRAMP guarantees will be enough to cover what most agencies need, said John Pescatore, director of emerging security trends at the SANS Institute, and a former vice president at Gartner Inc. "It's when you get to more complex needs such as infrastructure as a service (IaaS), where you are using the cloud for such things as end- user storage and running custom software, that's where it's going to be a lot tougher for Standardized security controls are key for moving to the cloud, but for anything other than basic services, they're just the start. WHEN FEDRAMP FALLS SHORT BY BRIAN ROBINSON 22 GCN SEPTEMBER 2013 • GCN.COM