by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : September 2013
have different requirements than those in civilian agencies. Those kinds of considerations are not covered by FedRAMP, said Dan Kent, chief technology officer and director of solutions for Cisco's federal sector. They must be covered in the service-level agreements (SLAs) the agency strikes with the cloud providers. "Agencies really have to go at this ap- plication by application," he said. "A video application for office training would need to be treated differently from one for oth- er types of training such as aircraft repair and maintenance. It requires agencies to make a careful assessment of each appli- cation, and what the risks are for the kind of data that's involved and how that data gets to the application." Complications also can arise within something that, on the face of it, is covered by the FISMA requirements in FedRAMP but that also contains elements that are not. A public- facing website, for example, would han- dle mostly unclassified data but may also include transactions such as fee payments Government on the Go: Strategies for Leveraging Data in the Field FREE WEBCAST SERIES: 2ND INSTALLMENT SPONSORED BY NETAPP AND THUNDERCAT DOWNLOAD NOW: WWW.GCN.COM/MOBILEDATA BROUGHT TO YOU BY Featured Speaker: Colonel Vogelhut, CPOF ON DEMAND Available for a limited time only that would involve more sensitive credit card or personally identifiable data. Anything that requires classified infor- mation raises the concerns another notch. "Organizations that process classified information would not be in alignment with either FISMA low or moderate, and are not likely to put their data into an envi- ronment that solely considers FedRAMP," said John Lambeth, CIO of Qinetiq NA. "Indeed, some of the key cloud providers that would go after FedRAMP business would not be in a position to process that kind of information." THE RACE IS ON There is an urgency to getting agencies up to speed on what FedRAMP means for them and the cloud, Roat said. While some organizations are well versed in both FedRAMP and FISMA, and have re- tained the accreditation services they will need to launch their services in the cloud, she said, others are not that far ahead. And yet budget constraints are pushing them ever faster to the cloud. "The problem is that the technology of cloud is not new. It's really a culture change at agencies that's needed about what needs to move to the cloud, how it will impact resources and so on," she said. "When they can wrap their heads around that, the reason for FedRAMP will become more apparent to them." The FedRAMP program office has made it clear that FedRAMP will be a living enti- ty, said Mel Greer, a senior fellow at Lock- heed Martin, one of the few companies to so far receive a FedRAMP provider ac- creditation, so the program will continue to mature and include more of the agency and industry concerns. FedRAMP is like- ly, for example, to soon include more re- quirements based on platform as a service and software as a service to augment that work that's already been done for IaaS. But Greer feels it's already had an im- portant impact, by being a driver for dis- cussion around trust. "That contribution shouldn't be dis- missed," he said. "It's a very difficult thing to do, to create such a broad trust model." • 24 GCN SEPTEMBER 2013 • GCN.COM When FEDRAMP falls short