DFARS: A proactive path to CMMC 2.0

Department of Defense (DoD) contractors are subject to strict compliance requirements, particularly when it comes to cybersecurity. Because these organizations access, process, store and transmit highly sensitive government information, they have to meet a rigorous set of baseline requirements as defined by the DoD’s Cybersecurity Maturity Model Certification (CMMC) program.   Getting ahead of CMMC…

Read more
Government IT Compliance

MOVEit ransomware and “wiperware”!  What can you do?

It’s an all-too-familiar story:  A vulnerability was discovered in a widely used software solution (both cloud and on-premises), and the vulnerability was exploited in dozens of systems before they could be patched.  The result will be very costly for a large number of corporations that are now subject to ransomware.  But it is even more…

Read more

A straightforward guide to DoD impact levels

  Business is booming in the cloud services market, and the federal government is leading the charge. According to Deltek, federal agencies awarded over $23 billion in cloud contracts in 2021 — a figure that’s likely to rise in the coming years.    Here’s the problem: While federal cloud spending is reaching an all-time high,…

Read more

How does codification change the FedRAMP program?

  How does codification change the FedRAMP program?   After repeated attempts to pass Congress, President Biden signed the FedRAMP Authorization Act on December 23, 2022, officially codifying the Federal Risk and Authorization Management Program (FedRAMP). As part of the Federal Cloud Computing Strategy, FedRAMP plays a key role in assessing and procuring cloud products…

Read more
FedRAMP Codified into law

Ultimate guide to FedRAMP compliance

The federal government spends billions of dollars every year on cloud computing. In fact, Deloitte research indicates that public sector cloud spending is increasing at a steady annual rate of 14.3%. At this pace, the United States will invest over $11 billion toward cloud computing in 2022 alone. At the same time, a number of…

Read more
Government IT Compliance

The future of government cloud compliance

Understanding the future of government cloud compliance   In 2018, nearly 79% of government IT spending was reserved for the maintenance of legacy systems, according to the IDC. But in the years since, more of those resources are being used to migrate workloads to the cloud.   Deloitte estimates that federal cloud spending has grown…

Read more

5 Benefits of Cloud Computing for Government Agencies

Federal, state and local governments have come a long way since the Office of Management and Budget introduced its “Cloud First” strategy in 2011. Although cloud adoption got off to a slow start, the public sector soon realized the potential of cutting-edge cloud computing.   According to Deloitte, federal cloud spending has increased at a…

Read more

You Failed your FedRAMP Assessment: Now What?

        As an independent software vendor (ISV), you’ve done all the right things in the commercial market. Customers love your product. Your product has a buzz in the industry. You carefully identify the public sector as your next target. All the meetings go well. You find a government project that’s hungry for…

Read more

The Federal Government ATO Process: A Guide for ISVs

Commercial independent software vendors (ISVs) who want to do business with the Department of Defense (DoD) and the federal government must meet strict security and compliance regulations by passing an Authority to Operate (ATO) process. The stakes are high for government IT security because sensitive and even top-secret data can be found in the government…

Read more