According to the Federal Information Processing Standard (FIPS) Publication 199, sensitive data is considered “High Impact” when its compromise could catastrophically impact and/or damage an organization’s assets, operations, or individuals.
The Federal Risk and Authorization Management Program (FedRAMP) released its High Baseline requirements in 2016. Featuring a total of 421 security controls, the release sent a clear signal to Federal agencies that authorized vendors are equipped to handle the government’s most sensitive, unclassified data, including that which involves the protection of life and financial ruin:
- Personal Identifiable Information (PII)
- Sensitive financial information
- Law enforcement data
- Protected Health Information (PHI)
- Controlled Unclassified Information (CUI)
Prior to the High Baseline release, nearly 80 percent of Federal information had been categorized as Low or Moderate Impact. That represented just half of the Federal IT spend.
The FedRAMP High Baseline Authorization effectively removed a tremendous barrier for federal agencies, essentially opening the remaining half of Federal IT spending to the possibilities of government cloud through an outside vendor.
Migration to the cloud, and the underlying security issues surrounding it, has long been a sticking point for federal agencies, contributing to an arduous, slow-moving transition process.
The existence of a FedRAMP High Baseline Authorization is expected to make adoption more appealing, boosting confidence among government stakeholders that their sensitive information is protected in the cloud.
GovDataHosting received its FedRAMP High Baseline Authorization in 2019, and at the time is one of only five FedRAMP High authorized cloud IaaS vendors to have achieved the distinction nationwide. We can protect your mission critical systems at a significantly lower cost while effectively safeguarding sensitive information in the cloud.
Our all-inclusive services cover full Assessment & Authorization (A&A) compliance documentation, system hardening, vulnerability scanning, continuous monitoring, edge perimeter defense, identity management, log aggregation/analysis, Plan of Actions and Milestones (POAM) vulnerability tracking, and audit/assessment support services.
Our team will work closely with you to ensure complete compliance. Request your quote today.