There are three impact levels of control: low, moderate and high.
The low level is appropriate when data that is lost or compromised would have some impact, while medium level would have severe damage. The highest level is used for the most sensitive data that would have a catastrophic effect if it was compromised.
RELATED: What are the benefits of a cloud security posture assessment?
Ensuring Protection of Critical Data in the Cloud
Metallic is the only Software as a Service data protection solution to have achieved the FedRAMP high standard, which has 421 controls for security and risk management that ensure the country’s most sensitive data is protected.
The controls prevent data loss and breaches, according to Peddibhotla. “This is data that would have catastrophic effects” if it were lost, he says. “Really, this provides peace of mind for the most sensitive customers, including those in the federal government.”
He says that Metallic, due to its roots in Commvault, is well equipped to support all data workloads. Commvault provides intelligent data services across on-premises, cloud and SaaS environments.
“Government agencies responsible for regional, state or local services are slowly following the pathways of private companies by focusing on migrating to the cloud to offer robust citizen services to customers,” according to a Commvault blog post.
EXPLORE: How to determine what does and doesn’t belong in the cloud.
Federal Cloud Security Is Evolving
A bill that passed the Senate in December, the Federal Secure Cloud Improvement and Jobs Act, would codify and update FedRAMP and is intended to help federal agencies more quickly adopt cloud services. The bill, which has been passed by the House four times, was approved in December by the Senate’s Homeland Security Committee and now moves to the full Senate for consideration.
Even as federal agencies recognize the benefits of moving to the cloud, they face challenges getting there, such as constrained resources, the threat of attacks, and operations that have traditionally been siloed.
The primary challenge, Peddibhotla says, is the sensitivity and confidentiality of the type of data government agencies keep in the cloud.
“This is paramount from this class of customer perspective,” he says.
Peddibhotla says the company is seeing its federal customers trying to get out of the silos.
“What the cloud enables them to do is to use that flexibility to remove data silos and leverage the cloud and its elasticity to remove some of those data inefficiencies,” he says.
To stay resilient and accelerate change, agencies must reshuffle their data protection strategies to remove data silos, while comprehensively safeguarding their data estate.
“That’s one of the reasons why FedRAMP was set up,” Peddibhotla says. “To streamline the process with uniform security guidelines, accelerating adoption of the cloud for businesses and agencies managing sensitive data.”
Brought to you by: