Paul Austin, chief technology officer of EMC's federal division, believes it is critical for agencies to view applications across their enterprise and cloud platforms for resiliency, Federal Times reported Sept. 15.
He said agencies must shift their focus on the applications and their connections to business processes, Rutrell Yasin reports.
The Recovery Accountability and Transparency Board has deployed the cloud-based RSA Archer portal to manage on-site system configurations and external cloud infrastructures, address risks and report on compliance, according to the report.
The National Institute of Standards and Technology, the departments of Defense and Homeland Security and intelligence agencies also have developed security controls for mobile and cloud computing, insider threat, supply-chain and advanced persistent threats in order to help agencies recover after a disruption, Federal Times reports.
Yasin writes the security controls are parts of the Federal Risk Authorization and Management Program.
Michael Smith, deputy chief information officer and senior security program manager at Creative Computing Solutions Inc., told the publication that the FedRAMP standards apply to both the private sector and government agencies.
“If everyone is using the same standards and baselines, [agencies and companies] can react faster to exploits because they all know the landscape,“ Smith told Federal Times.