An interview with Hisham Alhakimi about Security Compliance & FedRAMP
Key topics on Access Control Podcast: Episode 13 - Security Compliance & FedRAMP
- When done right, security compliance is a business enabler and involves undergoing independent verifications of controls to achieve certifications or reports.
- FedRAMP is a risk management program brought about to promote the adoption of cloud technologies across the federal government.
- Many, but not all, of the FedRAMP requirements tie back to an underlying NIST standard publication.
- FIPS validation is the process of actually taking an algorithm or a module all the way through a validation program using an independent lab.
- The term "FIPS compliant" creates confusion and is not a recognized designation, even though it does carry some meaning.
- As a concept, shared responsibility is not exclusive to AWS and applies to other cloud service providers because it's very fundamental to how the cloud works.
Expanding your knowledge on Access Control Podcast: Episode 13 - Security Compliance & FedRAMP
- [NIST](https://www.nist.gov/)
- [FedRAMP](https://www.fedramp.gov/)
- [Teleport FedRAMP](https://goteleport.com/docs/enterprise/fedramp/)
- [Executive Order on Improving the Nation's Cybersecurity](https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/)