Today, the Federal Risk and Authorization Management Program (FedRAMP) announced the FedRAMP High Security Baseline. The importance of this is significant, as stated in today’s FedRAMP announcement: “These security requirements will be used to protect some of the government’s most sensitive, unclassified data in cloud computing environments. This release allows agencies to use cloud environments for high-impact data, including data that involves the protection of life and financial ruin.”
With this announcement, Cloud Service Providers (CSPs) have a high-level security model to offer federal agencies. Prior to the new baseline, federal agencies could only migrate low and moderate impact data into the cloud. With this release, government agencies can now leverage the cloud for their most critical data through High Security Baseline CSPs.
Microsoft Azure is one of three CSPs currently with provisional authority to operate from the FedRAMP Joint Authority Board or JAB. Under the new baseline, CSP data centers must be secured to the levels mandated for unclassified data in cloud environments, outlined by the Federal Information Processing Standard, or FIPS. Project Hosts’ Federal Private Cloud, a FedRAMP SaaS-level cloud with an agency ATO, is currently certified at the Moderate level, and with this announcement has started the process to gain a High Security Baseline. Specific details on the expected availability of this capability will be announced at a later date.
Click for additional information about Project Hosts’ Federal Private Cloud