navigation-background arrow-down-circle Reply Icon Show More Heart Delete Icon wiki-circle wiki-square wiki arrow-up-circle add-circle add-square add arrow-down arrow-left arrow-right arrow-up calendar-circle chat-bubble-2 chat-bubble check-circle check close contact-us credit-card drag menu email embed facebook-circle snapchat-circle facebook-square facebook faq-circle faq film gear google-circle google-square googleplus history home instagram-circle instagram-square instagram linkedin-circle linkedin-square linkedin load monitor Video Player Play Icon person pinterest-circle pinterest-square pinterest play readlist remove-circle remove-square remove search share share2 sign-out star trailer trash twitter-circle twitter-square twitter youtube-circle youtube-square youtube

FedRAMP unveils new ‘Tailored’ service baseline for comment

February 16, 2017 (Photo Credit: GSA)
The Federal Risk and Authorization Management Program, or FedRAMP, rolled its baseline for the anticipated FedRAMP Tailored service on Feb. 16, making the proposed software-as-a-service cloud solution open for comment.

The public may provide feedback on the strictly low-risk SaaS service baseline until March 17.

In a blog post on its website, FedRAMP detailed how the Tailored service would allow cloud vendors to fast-track approval for low-risk cloud security solutions so that agencies could get them faster.

“We hope FedRAMP Tailored will provide a way in which FedRAMP can support the need government authorizing officials have for a standardized approach to determining the risks associated with authorizing specific low-impact cloud applications — for example, small scale cloud applications that assist the government in doing business, but that do not directly impact the government’s mission needs,” the post said.

Officials likened the services FedRAMP Tailored would provide to protecting a bike with a U-lock, offering solutions for services needing minimum security requirements like “collaboration tools, project management and open-source development.”

FedRAMP Tailored has been anticipated since last fall, when officials signaled their plans to roll out the service in 2017 to make it easier for vendors to get their low-risk SaaS products authorized through the FedRAMP process.   

Services provided on FedRAMP Tailored will have to meet the Federal Information Processing Standards 199 Publication requirement for a low-security-impact as well as provide services without collecting personally identifiable information and be authorized in an existing FedRAMP-authorized infrastructure.

The public can review the Tailored baseline on FedRAMP’s website and provide comments through March 17.

 

Next Article