Against popular beliefs and press releases from Microsoft and/or AWS, FedRAMP *DOES NOT* imply a system is "secure". Don't believe me? Read the FedRAMP CONOP. (http://tinyurl.com/op6lz2o). You'll notice the CONOP doesn't state a CSP is "secure" just because the system has been reviewed for compliance.
FedRAMP is all about ensuring a cloud solution is assessed and the results are shared. This makes it easier for the gov't to procure CSP services and make risk based decisions.
Don't be fooled by the marketing material.
Two suggestions:
First, a cheap way of synchronizing files is with MS Sync Toy. The laptop user can simply run the sync at a predetermined time.
A more complex solution is to run Symantec's BackupExec Desktop and Laptop (DLO) option. DLO is geared specifically for ensuring data on the desktop/laptop is protected and stored in on an enterprise server.
An important part of any Linux desktop review *must* include the ability to standardized the desktop settings across an enterprise similiar to the features provided in a Windows Domain. Right now, I do not see an easy way to apply, configure, and enforce security and desktop settings across all desktops.
Is there a "group policy editor" for Linux desktops?
I agree with privacy. I'd recommend that the cubes be arranged where people can not see each other's screens and/or that a glare guard/privacy screen be provided. People are more comfortable when they don't think people are reading over their shoulders.
NIST, NIACAP, DITSCAP, ITSCAP, DCID, LMNOPCAP..
UGH!!
Heck, the government needs look in house and first. They can't even establish a true "STANDARD" security process for the entire federal government, intel community, and defense department. Everyone wants to work off their own sheet of music.
At least a CEO/CIO has to report to the trustees or shareholders if something goes wrong.
Slashdot Mirror
Against popular beliefs and press releases from Microsoft and/or AWS, FedRAMP *DOES NOT* imply a system is "secure". Don't believe me? Read the FedRAMP CONOP. (http://tinyurl.com/op6lz2o). You'll notice the CONOP doesn't state a CSP is "secure" just because the system has been reviewed for compliance. FedRAMP is all about ensuring a cloud solution is assessed and the results are shared. This makes it easier for the gov't to procure CSP services and make risk based decisions. Don't be fooled by the marketing material.
Two suggestions: First, a cheap way of synchronizing files is with MS Sync Toy. The laptop user can simply run the sync at a predetermined time. A more complex solution is to run Symantec's BackupExec Desktop and Laptop (DLO) option. DLO is geared specifically for ensuring data on the desktop/laptop is protected and stored in on an enterprise server.
An important part of any Linux desktop review *must* include the ability to standardized the desktop settings across an enterprise similiar to the features provided in a Windows Domain. Right now, I do not see an easy way to apply, configure, and enforce security and desktop settings across all desktops. Is there a "group policy editor" for Linux desktops?
I agree with privacy. I'd recommend that the cubes be arranged where people can not see each other's screens and/or that a glare guard/privacy screen be provided. People are more comfortable when they don't think people are reading over their shoulders.
NIST, NIACAP, DITSCAP, ITSCAP, DCID, LMNOPCAP ..
UGH!!
Heck, the government needs look in house and first. They can't even establish a true "STANDARD" security process for the entire federal government, intel community, and defense department. Everyone wants to work off their own sheet of music.
At least a CEO/CIO has to report to the trustees or shareholders if something goes wrong.