Single Standard For Cloud-Computing Services

Single Standard For Cloud-Computing Services

The Federal Risk and Authorization Management Program, also known as FedRAMP, is adopting a “cloud-first” policy that will standardize the basic security requirements that cloud-computing providers, such as Google and Microsoft, will have to meet before receiving government contracts. Third-party assessment organizations will be hired to verify whether companies meet the basic security requirements.

This change is aimed to improve IT procurement and comes as the government is in the process of transferring computer services, such as e-mails, to cloud-based systems. Technology programs have been shut down in the last months because they have been running over budget and behind schedule, so fixing IT is a priority. The main goal is to build a security framework where the rules and policies are applied consistently across multiple projects.

How will this program work?

This initiative will standardize the security of cloud products and services and accelerate their adoption. The purpose is to set one government-wide cloud security program, meaning that a vendor would not have to repeat the security approval process every time it wants to bid on a cloud-computing contract.

A list with accredited third-party assessment organizations is available for vendors to help them authenticate more than 160 security controls, including spam filter capabilities and encryption standards.

What are the benefits of the program?

  • The process will reduce the redundancy of multiple agencies evaluating the same cloud product. For companies, the time to sell to the government will be shorter.
  • Increases re-use of existing security assessments across agencies.
  • Saves significant cost, time and resources.
  • Enhances transparency between government and cloud service providers (CSPs).
  • Improves the trustworthiness, reliability, consistency, and quality of the Federal security authorization process.

The program is managed by the General Services Administration, as part of the Department of Homeland Security. You can read more about FedRamp at this GSA page:
If it brings the standards that everyone awaits in cloud computing, it will be a great win, both for CSPs working in the government projects and the entire industry. In time, we will see if this is a good initiative or not. What do you think?

By Rick Blaisdell / RicksCloud

Follow Us!


Established in 2009, is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

Sorry, comments are closed for this post.

Join Our Newsletter

Receive updates each week on news, tips, events, comics and much more...

Advertising Programs

Click To Find Out!

Sponsored Posts

Sponsored Posts

CloudTweaks has enjoyed a great relationship with many businesses, influencers and readers over the years, and it is one that we are interested in continuing. When we meet up with prospective clients, our intent is to establish a more solid relationship in which our clients invest in a campaign that consists of a number of


Top Viral Impact

Cloud Infographic – Cloud Computing And SMEs

Cloud Infographic – Cloud Computing And SMEs

Cloud Infographic – Cloud Computing And SMEs SMEs (Small/Medium Sized Enterprises) make up the bulk of businesses today. Most cloud based applications created today are geared toward the SME market. Accounting, Storage, Backup services are just a few of them. According to the European Commission, cloud based technology could help 80% of organisations reduce costs by

2014 Future Of Cloud Computing Survey Results

2014 Future Of Cloud Computing Survey Results

Engine Yard Joins North Bridge Venture Partners, Gigaom Research and Industry Collaborators to Unveil 2014 Future of Cloud Computing Survey Results SAN FRANCISCO, CA–(Marketwired – Jun 25, 2014) – Engine Yard, the leading cloud application management platform, today announced its role as a collaborator in releasing the results of the fourth annual Future of Cloud Computing Survey,

Can I Contribute To CloudTweaks?

Yes, much of our focus in 2015 will be on working with other influencers in a collaborative manner. If you're a technology influencer looking to collaborate long term with CloudTweaks – a globally recognized leader in cloud computing information – drop us an email with “tech influencer” in the subject line.

Please review the guidelines before applying.


Top Research Assets

HP OpenStack® Technology Breaking the Enterprise Barrier

HP OpenStack® Technology Breaking the Enterprise Barrier

Explore how cloud computing is a solution to the problems facing data centers today and highlights the cutting-edge technology (including OpenStack cloud computing) that HP is bringing to the current stage. If you are a CTO, data center administrator, systems architect, or an IT professional looking for an enterprise-grade, hybrid delivery cloud computing solution that’s open,

Public Cloud Flexibility, Private Cloud Security

Public Cloud Flexibility, Private Cloud Security

Public Cloud Flexibility, Private Cloud Security Cloud applications are a priority for every business – the technology is flexible, easy-to-use, and offers compelling economic benefits to the enterprise. The challenge is that cloud applications increase the potential for corporate data to leak, raising compliance and security concerns for IT. A primary security concern facing organizations moving