OMB and NIST over the past year issued in Special Publication (SP) 800-37 the new FISMA "Authorization" process (previously call (Certification and Accreditation) to be used by all Federal organizations, including the DoD and Intelligence communities, to gain approval to operate. Additionally, NIST is finalizing SP 800-39 on the Risk Management Framework (RMF), which is the basis for this new "Authorization" process. This moved us from a 4-pha...

Few doubt the critical importance of trusted identity management in our cyber-focused world. As a nation and as individuals, we conduct our business using Internet- and increasingly, Cloud-based, services that demand reliable identity protection and management. As a society, we bank, shop, file tax returns, manage portfolios, check health information, apply for licenses and permits, enroll in courses, book planes/trains/and automobiles—j...

The Federal Government has taken notice of the flexibility, operational benefits, increased efficiencies and substantial cost savings cloud computing can provide. But sifting through the hype and understanding the true value, security risks and challenges associated with this migration is a challenge for public sector agencies. Cloud computing is not a single capability, but a collection of essential characteristics manifested through various...