Department Of Defense Tightens Rules On Cloud Security

Tyler Cross
Published on: January 25, 2024

A new memo sent from the Department of Defense (DoD) revealed that they’re tightening security requirements for cloud providers at the FedRAMP level.

Historically, it was unclear what constituted being FedRAMP certified and what it entails. Before the new rules, the DFARS clause stated a third-party contractor should ensure their cloud service providers meet FedRAMP requirements.

At the time those requirements simply meant that the service providers needed to follow rules for data retention, incident reports, and access requirements.

While that’s still an important step to take, it failed to create a baseline level of security requirements cloud service providers needed to take. However, after altering the DFARS clause, that concern has been addressed.

Now, being FedRAMP-approved requires a minimum baseline of cybersecurity defenses. FedRAMP uses a third-party company to evaluate if providers meet the given criteria.

“To be considered FedRAMP Moderate equivalent, CSO’s must achieve 100% with the latest FedRAMP moderate security control baseline through an assessment conducted by a FedRAMP-recognized Third-Party Assessment Organization (3PAO),” reads the memo.

This puts the ball in the cloud service providers’ hands, so to speak. If they want to continue working with the DoD, they’ll need to bring their cybersecurity up to snuff. Companies that take shortcuts with their cybersecurity practices will lose the DoD’s business.

It’s not completely known what’s causing the DoD to tighten its security rules, but there are a few guesses. Data breaches and hacks on cloud service providers have sharply risen over the years, especially with the rise of AI making it easier than ever. If a hacker can obtain data from the service provider, they can obtain the data of every contractor that they work with.

In response, US government agencies have been working together to make sure that companies are following minimum safety requirement guidelines.

SEO Powered Content & PR Distribution. Get Amplified Today.
PlatoData.Network Vertical Generative Ai. Empower Yourself. Access Here.
PlatoAiStream. Web3 Intelligence. Knowledge Amplified. Access Here.
PlatoESG. Carbon, CleanTech, Energy, Environment, Solar, Waste Management. Access Here.
PlatoHealth. Biotech and Clinical Trials Intelligence. Access Here.
Source: https://www.safetydetectives.com/news/department-of-defense-tightens-rules-on-cloud-security/

Generative Data Intelligence

Department Of Defense Tightens Rules On Cloud Security

Drake Threatened With Lawsuit Over Tupac AI Vocals

Shiba Inu Leads in Robinhood’s Crypto Performance

Latest Intelligence

Best Crypto Casinos of 2024: A comprehensive guide

DOJ Disputes Roman Storm’s Characterization of Tornado Cash Operations in New Filing

Best Players Available for Day 3 of the 2024 NFL Draft

Top 5 Crypto Presales: BDAG Leads the Pack with 30,000x ROI Potential

Forbes Unveils 20 Crypto ‘Zombies,’ Declares Ripple And XRP Among The Undead

Consob, Italy’s Watchdog, Bans Additional Forex And Cryptocurrency Trading Websites – CryptoInfoNet

Chat with us