{"id":2715,"date":"2018-06-29T17:35:24","date_gmt":"2018-06-29T21:35:24","guid":{"rendered":"https:\/\/www.hrtec.net\/?page_id=2715"},"modified":"2018-07-16T11:10:09","modified_gmt":"2018-07-16T15:10:09","slug":"fedhive","status":"publish","type":"page","link":"https:\/\/www.hrtec.net\/index.php\/services\/fedhive\/","title":{"rendered":"FedHIVE"},"content":{"rendered":"
[vc_row][vc_column][vc_custom_heading text=”\u201cProtecting and Delivering U.S. Government High Impact Applications and Data Every Day\u201d ” font_container=”tag:h2|font_size:35px|text_align:center|color:%234e4f4f” use_theme_fonts=”yes” css=”.vc_custom_1530309634458{margin-top: 30px !important;margin-right: 30px !important;margin-bottom: 50px !important;margin-left: 30px !important;}”][vc_row_inner][vc_column_inner width=”1\/2″][vc_single_image image=”2718″ img_size=”large” alignment=”center”][vc_column_text]\n

Question & Comments: Email us at: fedhive@hrtec.net<\/a><\/h3>\n[\/vc_column_text][\/vc_column_inner][vc_column_inner width=”1\/2″ css=”.vc_custom_1530311185433{margin-top: 0px !important;margin-bottom: 0px !important;}”][vc_column_text]FedHIVE provides a Federal High Impact Virtualized Environment provision within a physical and logical boundary designed to provide Federal clients an Infrastructure as a Service (IaaS) solution that meets or exceeds the FIPS PUB 199 System Security Level of High (sensitive but unclassified information) security controls in which to implement organizational Software as a Service (SaaS) applications. The FedHIVE secure cloud service provides agencies a compliant, scalable, and secure infrastructure capability enabling and supporting platforms or software required for their business or mission success. FedHIVE implements over 400 High Baseline security controls within the boundary to support Federal cloud services requirements for protecting CUI and PII per agency application level ATO security requirements and is currently providing service to multiple Government Agencies (including DoD and TSA) and supporting vendor customers.[\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner css=”.vc_custom_1530311197368{margin-top: 0px !important;margin-bottom: 0px !important;}”][vc_column_text]\n

\u201cIt\u2019s About the Data\u201d<\/h3>\n

FISMA; FIPS; NIST; FedRAMP what do they all mean?\u00a0 In 2002, the Federal Information Security Management Act (FISMA) was signed into law.\u00a0 FISMA compels each federal agency to build and implement programs to ensure the security (confidentiality, integrity, and availability) of the agency\u2019s information. FISMA relies on the security categorizations and definitions provided by FIPS (199, 200) to fulfill its goal of ensuring confidentiality, integrity and availability of federal information. In support of FISMA, NIST developed the Risk Management Framework, which attempts to define all FISMA-related security standards and guidance to facilitate the creation of a broad and balanced information security program at each agency. All federal agencies must meet the minimum-security requirements defined in FIPS 200 using the security controls defined in NIST SP 800-53.\u00a0 NIST Special Publication 800-53 provides guidelines for selecting security controls. This document also defines the risk assessment, security assessments, physical and environmental security, maintenance, access control, accountability, audit, etc. NIST uses the \u201cTrustworthiness\u201d model to satisfy the security requirements of the controls.<\/p>\n

The effectiveness of the security control depends, in large part, on whether they are implemented correctly. For this reason, the Federal Risk and Authorization Management Program (FedRAMP) was developed and implemented in 2012.\u00a0 FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.<\/p>\n

\u201cSecure Hosting & Storage Compliance\u201d<\/h3>\n

Secure hosting and storage compliance takes on several levels of security control management.\u00a0 FedRAMP defines these levels as Impact Baselines.<\/p>\n