Brief
Kahua, a project management information system based in the cloud, recently achieved a moderate designation from the federal FedRAMP program setting optimal security protocols for cloud services. In an interview, Kahua Chief Technology Officer Colin Whitlatch explains the FedRAMP program and its different levels, all of which aim at making systems safe by default.
Insight
FedRAMP, a federal government program, delivers best-practice security protocols implemented by cloud services providers on federal government projects. Whitlatch, chief technology officer of Kahua, a cloud-based project management information system, said the company recently achieved the FedRAMP-Moderate designation.
Whitlatch added that other vendors that do not hold this authorization will soon not be allowed to host project data for federal agencies. For example, late last year Arizona released its first request for proposals that tasked vendors with StateRAMP compliance.
Texas has also been moving forward with its own version, according to the Texas Department of Information Resources. Those requirements apply to all state agencies, institutions of higher education and public community colleges.
Construction Dive connected with Whitlatch to discuss the FedRAMP program, the process of achieving designations and cybersecurity in the construction industry.Editor’s note: This interview has been edited for clarity and brevity.CONSTRUCTION DIVE: How vulnerable is the construction industry?
COLIN WHITLATCH: I’m familiar with the attack vector and what comes through. Once you get involved with the FedRAMP program, they start notifying you of everything that’s out there.
The top targets have been more construction related, or they’re infrastructure related. That could apply to things like the power grid. So, infrastructure related and definitely on the construction side. Again, from the government’s perspective, there’s a ton of risk of what people could pull out of systems such as ours.
READ MORE
Recent Comments