Simplify FedRAMP Cloud and Virtualization Compliance
Contain OPEX and Training Costs with Broad Support of Multiple Controls
Service Providers seeking FedRAMP certification must contend with a large number of required security controls – 297 of them for the “Moderate” Impact Level. Many of the controls focus on policies, procedures and training, while others are technical in nature and pertain to active protection measures.
The best way to approach the daunting challenge of FedRAMP certification is to employ solutions that support as many controls as possible for a given layer of infrastructure, in order to keep integration and operational costs low. HyTrust solutions provide broad control support in two critical areas:
- HyTrust CloudControl – hypervisor layer administration, activity auditing, and configuration hardening
- HyTrust DataControl – Data at rest encryption for any Linux or Windows hosted database or application
As verified recently by a leading audit and compliance firm, CloudControl supports at least 27 controls central to auditing the management plane and configuration of the hypervisor layer, which is the most critical layer of IaaS or PaaS infrastructure. By supporting so many controls in a single solution, providers not only simplify the task of achieving FedRAMP certification, they lower staff training and manpower costs and directly impact the bottom line.