Security

Is my company required to register under ITAR?

November 6, 2019 By ezcloud Leave a Comment

A frequently asked compliance question among government contracts firms is whether they are required to register under the International Traffic In Arms Regulations (“ITAR”). ITAR are the State Department controls that regulate defense products, technical data and services. Under ITAR 22 CFR §122.1, parties that manufacture, export or temporarily import “defense articles” or furnish “defense services” are required to register with the Directorate of Defense Trade Controls (“DDTC”) within the State Department. … Read more

ITAR Compliance in Office 365

November 6, 2019 By ezcloud Leave a Comment

The world of government data is surrounded by regulation. Whether that’s FedRAMP compliance, DFARS compliance, and the upcoming Cybersecurity Maturity Model Compliance framework(CMMC) — operating as a government entity (or as a contractor who handles government data) can be tough. Once you take these bundles of regulations and apply the ever-complex technology ecosystem to them, complexities start to mount.… Read more

Who needs to be ITAR registered?

November 6, 2019 By ezcloud Leave a Comment

I often encounter misconceptions about the International Traffic in Arms Regulations (ITAR). Among the biggest sources of confusion is registering as a Manufacturer, Exporter or Broker under the ITAR. Let’s clear up the confusion and shed some light on the matter.… Read more

Understanding Baselines and Impact Levels in FedRAMP

April 18, 2019 By ezcloud Leave a Comment

The FedRAMP PMO fields a number of questions about impact levels and the security categorization of cloud services. Federal Information Processing Standard (FIPS) 199 provides the standards for categorizing information and information systems, which is the process CSPs use to ensure their services meet the minimum security requirements for the data processed, stored, and transmitted on them.… Read more