InfusionPoints' Recent Blogs

Demystifying FedRAMP - Part 4 - Who is allowed to work on the system or access SSP documentation? What about non-US Persons / non-US Citizens?
Authored by: Jason Shropshire
Note: This is part 4 of a multi-part series. See the links below for other topics in the series.
Read More -->
Demystifying FedRAMP - Part 3 - Is system documentation included in the system boundary? What classification should be placed on our system security plan (SSP)?
Authored by: Jason Shropshire
Note: This is part 3 of a multi-part series. See the links below for other topics in the series. Today we will address questions around handling and classification of the FedRAMP System Security Plan (SSP) and other documents that are included in the FedRAMP Package. This will be closely related to the next topic regarding the protection of this data. 
Read More -->
Demystifying FedRAMP - Part 2 – If I follow FedRAMP requirements and get a P-ATO, my cloud service will be well designed and attractive to Federal Agencies, right?
Authored by: Jason Shropshire
In part 1 of this series, we addressed the question “Is an NDA with FedRAMP needed to protect my company’s trade secrets?” In today’s topic we address the question “If I follow FedRAMP requirements and get a P-ATO, my cloud service will be well designed and attractive to Federal Agencies, right?”. The short answer is no…  But the key to understanding this is to known some backstory on FedRAMP. 
Read More -->
Demystifying FedRAMP - Part 1 - Is an NDA with FedRAMP needed to protect my company’s trade secrets?
Authored by: Jason Shropshire
While providing FedRAMP consulting for our customers, we’ve have had to address a variety of questions that have come to us varying from the strategic to specific questions on how a Cloud Service Provider (CSP) should treat the information in its System Security Plan (SSP).
Read More -->
All Blogs

Let us know how we can help with your Cyber Security Challenges

Contact Us