We wish to make our mobile apps FedRAMP compliant, need guidance on how to begin?
1 Answer
• Your mobile applications will be native iOS/Android public client applications mostly running on Xamarin-like platforms. Thus, they need to be FedRAMP High compliant to be hosted on Azure Government cloud. Thus, to be FedRAMP High compliant, you need to follow the guidelines mentioned below in official documentation and set the policies in your Azure tenant accordingly.
• These policies are divided into several categories, viz., Access control, Audit and accountability, Configuration Management, Contingency planning, Identification and Authentication, Incident Response, Risk assessment, System and communications protection and System and Information integrity. These policies are further divided into Account Management, Automated System Account Management, Role-based Schemes, Account Monitoring / Atypical Usage, Access Enforcement, Information Flow Enforcement, Separation of Duties, Least Privilege, Review of User Privileges, Remote Access, etc. as such.
Thus, please refer to the official documentation link below for detailed information on its configuration and compliance satisfaction:
https://learn.microsoft.com/en-us/azure/governance/policy/samples/fedramp-high

FYI the question is off-topic - there is no programming question, and it's a general high level request for information. This should be closed as either 'needs more focus' or a 'documentation' request. There's nothing to answer here, and what you've posted is fully covered in the already-published docs (where the OP should start their journey). No need to recreate existing documentation here, and no need to answer high level questions with nothing specific. – David Makogon Mar 24 '22 at 12:30