Is StateRAMP for You? Here Are a Few Facts Worth Knowing

If you’re a cloud software vendor who wants to sell — or has already sold — to federal government agencies, it’s likely that you’re already aware of FedRAMP compliance. But cyberattacks aren’t just limited to the federal government. With more people working from home and moving to the cloud now than ever before, news of attacks on state […]

Unlocking the Mysteries of the Fed’s New CMMC Requirement

There’s a lot of uncertainty around the Cybersecurity Maturity Model Certification (CMMC). In this episode of Security on Cloud, Tony Bai, Director of Federal Practice Lead at A-LIGN, joined us to explain the CMMC framework, its importance, and why it’s being introduced. Tony shares insight on how CMMC applies to Controlled Unclassified Information (CUI) and the […]

Why Real-World ROI Matters to Software Vendors Pursuing FedRAMP in 2021

Return on Investment (ROI) is typically thought of as a calculation of how and when you can get your money back on money spent. However, when it comes to FedRAMP, having real-world ROI insight can be the difference between choosing a potentially disastrous and delayed FedRAMP journey, or choosing a successful and accelerated FedRAMP journey. […]

What is Compliance Automation?

The newest word on the market is Compliance Automation. But what exactly is Compliance Automation? Well, let’s start with what Compliance Automation is NOT.

GDPR is Coming

GDPR has rapidly devolved into a touchstone for everything from vendor FUD to political frothing. It has been hailed as a huge step forward for privacy and assailed as the worst thing to come out of Europe since the Bubonic Plague. Let’s push aside the hyperbole and let facts and reason rule the day.