System Teams

​​​The ​​CFACTS application is migrating to AWSCloud for better performance and efficiency. The updated system is known as CFACTS-Cloud. We will be posting updates regularly to help you navigate this transition. 

The migration to AWS cloud is now complete, here’s what you need to know about the new link and authentication flow for this new environment. 

The ​​CFACTS application is migrating to AWSCloud for better performance and efficiency. The updated system is known as CFACTS-Cloud. We will be posting updates regularly to help you navigate this transition. 

You can now explore CFACTS-Cloud, preview new enhancements, and test new features. 

Why is database scanning important?

CMS databases and large data stores are a prime target for attackers because of the volume of sensitive information stored on CMS systems. That includes personally identifiable information (PII), protected health information (PHI), provider and beneficiary information, and intellectual property. 

Tips for families to stay safe online

This month's focus for Cyber360 is navigating cybersecurity as a family. In the digital age, where every household gadget can connect to the internet, cybersecurity is no longer just an individual concern—it's a family affair. From toddlers who can navigate a tablet before they can walk to grandparents who've embraced video calling with gusto, everyone's online. This interconnectedness, while bringing families closer, also opens up new vulnerabilities to cyber-attacks.

Background

Many federal laws, regulations, and policies play a pivotal role in managing security and privacy within CMS. They shape governance and compliance standards and are crucial in defining how security and privacy are upheld across the organization.

Why is the ISPG website (CyberGeek) open to the public?

When we set out to provide one authoritative home for CMS security and privacy information, ISPG leadership decided to make this information “public if possible”. That means instead of putting things behind a CMS login barrier by default, we go through a careful process to determine whether the information can safely be made public. If so, it is published here on our website. There are many benefits to this approach:

What is cryptographic agility?

Cryptographic agility, also called cryptoagility, is the ability for a system to quickly and easily change parts of their encryption mechanism(s).  This encompasses changing encryption keys, key lengths, encryption algorithms used, and even changing the libraries used to perform the encryption.  

How to submit a support request 

You can now submit an inquiry or support request by using the portal here. (Tip: Bookmark this page for easy access.) 

On the support portal, you’ll need to provide: 

What’s changing? 

ARCHER is the underlying application behind CFACTS. ARCHER is being upgraded to 6.14 which will move the top navigation to the lefthand side of the page. This allows for easier access to pages like Assessment & Authorization (A&A), Federal Enterprise Management, and Work Request Management with additional quick access to subpages. Also, the left panel can be collapsed by clicking the round menu button on the right-hand side. 

The Information Security and Privacy Group (ISPG) has a new website — known as “CyberGeek” — that is now your first stop for security and privacy information! Visit CyberGeek at security.cms.gov to learn about the policies, programs, and tools that help keep CMS information and systems safe.