Home » Sessions » How Realistic Is FedRamp for Cloud-Based Security Systems?
About the Session
The Federal Risk and Authorization Management Program (FedRAMP) aims to ensure agency data is consistently highly secured in the cloud – but is it a realistic requirement for physical access control systems (PACS) hosted and managed by a commercial vendor? This expert panel will discuss the options physical security specialists have in moving on-premises servers and clients to a FedRAMP-approved cloud model. We will cover edge devices managing electronic access control points in federal OCIO organizations; potential issues collecting access control data, reports or other personally identifiable information outside of on-premises electronic security systems; and the recommended level of security for any FedRAMP submission. We will also explore which cloud providers currently have FedRAMP-enabled PACS, which support FICAM capabilities with PIV cards and what new set of specifications FedRAMP will require to be listed on the GSA Approved Products List.