Hacker News new | past | comments | ask | show | jobs | submit login

Yep, I just got Azure Gov FedRamped on my project and it was some serious gnashing and pulling of teeth. Writing all those CMS and IRS procedure docs was a great, but arduous experience. There's a larger story here though involving application outside the US, which is what I'd like to pursue after my current project. It definitely will not include Azure unless that becomes a more cost effective platform. Would love to chat with you guys about some ideas.



>I just got Azure Gov FedRamped on my project and it was some serious gnashing and pulling of teeth. Writing all those CMS and IRS procedure docs was a great, but arduous experience.

If you're pulling teeth in regards to FEDRAMP, you can join ##GRC on irc.freenode.org with fellow teeth grinders. Its a chat channel with 20+ Security Auditors and System Administrators dedicated to discussing enforcement, regulations, and systems administration for FEDRAMP and other compliance frameworks.

There's also the brand new subreddit called /r/FEDRAMP that started a few days ago.

https://www.reddit.com/r/FEDRAMP.

Check the sidebar for other compliance frameworks too like /r/SOC2, /r/HIPAA, /r/ISO27001, and /r/PCICompliance.

https://www.reddit.com/r/HIPAA

https://www.reddit.com/r/PCICompliance

https://www.reddit.com/r/ISO27001

https://www.reddit.com/r/SOC2




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: