Chapter 1 - Introduction to the Federal Cloud Computing Strategy
Chapter 2 - Cloud Computing Standards
Chapter 3 - A Case for Open Source
Chapter 4 - Security and Privacy in Public Cloud Computing
Chapter 5 - Applying the NIST Risk Management Framework
Chapter 6 - Risk Management
Chapter 7 - Comparison of FISMA with Other Security Compliance Standards
Chapter 8 - FedRAMP Primer
Chapter 9 - The FedRAMP Cloud Computing Security Requirements
Chapter 10 - Security Assessment and Authorization: Governance, Preparation, and Execution
Chapter 11 - Strategies for Continuous Monitoring
Chapter 12 - Cost-Effective Compliance using Security Automation
Chapter 13 - A Case Study for Cloud Service Providers
Über den Autor
Matthew Metheny, the founder of 1ECG, a privately held consulting firm, specializes in providing services such as cloud computing security strategy and architecture, assessments, migration, and training services. Mr. Metheny also held senior-level program management and executive-level positions with various consulting firms supporting the federal government with a focus on governance, risk management, emerging technologies, and security compliance, including the Senior Product Manager for Cloud Controls and Compliance Services at CSC. In addition, he founded and maintains FedRAMP.net, which is designed to build and share information and resources relating to meeting compliance with the Federal Risk and Authorization Management Program (FedRAMP). Mr. Metheny is PMP, CISSP, CAP, CISA, CSSLP, CRISC, and CCSK-certified, and holds a Master of Science degree in Information Assurance from the University of Maryland University College (UMUC).
Federal Cloud Computing: The Definitive Guide for Cloud Service Providers offers an in-depth look at topics surrounding federal cloud computing within the federal government, including the Federal Cloud Computing Strategy, Cloud Computing Standards, Security and Privacy, and Security Automation. Readers will learn the basics of the NIST risk management framework (RMF) with a specific focus on cloud computing environments, all aspects of the Federal Risk and Authorization Management Program (FedRAMP) process, and steps for cost-effectively implementing the Assessment and Authorization (A&A) process, as well as strategies for implementing Continuous Monitoring, enabling the Cloud Service Provider to address the FedRAMP requirement on an ongoing basis.