[Verse 1] When data needs a federal home, three levels guard the zone Low for public information, basic controls you own Moderate steps up the game, sensitive data's claim High protects the critical mass, national security's class [Chorus] Low Moderate High, that's the FedRAMP way DoD maps two through six, Illinois levels in the mix Share responsibility, know what's yours to see CSP handles infrastructure, you control what sits on top [Verse 2] GovCloud isolation chambers, Azure Government's layers AWS builds federal castles, GCP Assured hassles Physical security locked down, networks they control But applications and your users, those remain your soul [Chorus] Low Moderate High, that's the FedRAMP way DoD maps two through six, Illinois levels in the mix Share responsibility, know what's yours to see CSP handles infrastructure, you control what sits on top [Bridge] Continuous monitoring never sleeps, vulnerability scanning sweeps Monthly scans for critical flaws, POA&M updates because Inheriting those golden packages, CSP controls you can leverage Build your SSP foundation on their authorization nation [Verse 3] Operating system patches, identity and access matches Data encryption at rest, network security blessed But guest OS configuration, that's your obligation Applications and their code, down your responsibility road [Chorus] Low Moderate High, that's the FedRAMP way DoD maps two through six, Illinois levels in the mix Share responsibility, know what's yours to see CSP handles infrastructure, you control what sits on top [Outro] From hypervisor to the cloud, they've got the bottom proud From OS up to your apps, you fill those security gaps FedRAMP levels guide the trust, continuous monitoring's a must
← 4 FIPS 140-2/140-3 Cryptography | 6 Container Supply Chain Security →