Cloud Security Podcast - This month we are talking about "Building on the AWS Cloud" and next up on this series, we spoke to Alexis Robinson (Alexis's Linkeidn), Senior Manager, Regulatory Compliance at AWS. FEDRAMP AWS environment can be made easy with the right security assessment framework for your organization. Alexis shared lessons and talk about How AWS Customers can prepare to increase their chances of getting FedRamp certified.
Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv
Host Twitter: Ashish Rajan (@hashishrajan)
Guest Twitter: Alexis Robinson (Alexis's Linkeidn)
Podcast Twitter - @CloudSecPod @CloudSecureNews
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security News
- Cloud Security BootCamp
Spotify TimeStamp for Interview Questions
(00:00) Introduction
(05:35) A bit about Alexis
(08:20) What is FedRAMP and why people care about it?
(11:05) Scope of companies included in FedRAMP?
(13:12) Zero Trust Architecture and FedRAMP
(14:07) The concept of Controlled Inheritance
(15:43) Working with Authorising Officials
(16:44) Working with Security Control Officers
(17:46) AO Checklist to full compliance
(20:42) Conflicts in FedRAMP
(25:59) Common pitfalls to avoid on FedRAMP Journey
(31:38) The anti-patterns in getting FedRAMP Compliant
(35:34) FedRAMP is not just GovCloud
(38:12) Requirements with FedRAMP
(39:48) Where do people fall short with FedRAMP?
(41:26) How to make FedRAMP more developer friendly?
(44:17) How is FedRAMP different for Govcloud?
(47:21) What skillsets do you require in a team for FedRAMP?
(49:07) How to learn about FedRAMP
(53:09) Fun Questions
See you at the next episode!
