The US Government’s Latest Move To Cloud Computing – FedRAMP

Move To Cloud Computing

The US Government’s Latest Move In Cloud Computing

Last week, the US federal government launched the Federal Risk and Authorization Management Program (FedRAMP), which will help to build a single authentication standard for the government’s cloud services. During the past couple of years, the administration has built up a number of projects as  part of its cloud-first policy, and this new project could potentially reduce the burdens of CSPs working with the government. The FedRamp is yet another important initiative from the tech-savvy US administration and might eventually help build security standards across the cloud.

What is the FedRamp?

FedRamp is a government-wide security framework that provides an authentication standard and will evaluate and provide authorization for cloud service providers, who can then work with various government agencies. Currently, the security assessments and authorization are done at agency level, whereas this new program will provide a single point approval. The FedRamp’s stated goal is “do once, use many times”, which could help reduce the burden on CSPs.

Why is it Important?

The new program’s approval is mandatory for all future cloud computing investments by the various agencies. The US government and its agencies are among the biggest spenders on technology, and their move to a common security framework could help bring about a greater degree of standards to the cloud computing industry.

How does it work?

The program has invited third-party assessment agencies and CSPs into the program. So far, nine assessment companies have joined the program. You can learn about who is approved so far here. Using these third-party assessors, the program will authorize the CSPs who will be able to work with the various agencies after the CSPs have complied with the various security requirements set by the program.

What are the goals of the program?

The main goals of the program include building a security framework where the rules and policies are applied consistently across multiple projects. By building consistent, better assessments, the confidence levels of the agencies investing in cloud computing solutions will improve. This could lead to further expansion of government cloud computing projects.

Where can you learn more about the FedRamp?

The program is currently managed by the General Services Administration, as part of the Department of Homeland Security. You can learn more about FedRamp at this GSA page: http://www.gsa.gov/portal/category/102371 

It is a good initiative, and I will be closely observing how it progresses. If it helps bring the much-awaited standards in cloud computing, it will be a great win, not just for CSPs working in government projects, but also for the entire industry. Let’s keep our fingers crossed until then.

By Balaji Viswanathan

Sorry, comments are closed for this post.

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And Virtual Reality This is a term I created (Virtual Immersion). Ah…the sweet smell of Virtual Immersion Success! Virtual Immersion© (VI) an extension/expansion of Virtual Reality to include the senses beyond visual and auditory. Years ago there was a television commercial for a bathing product called Calgon. The tagline of the commercial was Calgon…

Cloud-Based or On-Premise ERP Deployment? Find Out

Cloud-Based or On-Premise ERP Deployment? Find Out

ERP Deployment You know how ERP deployment can improve processes within your supply chain, and the things to keep in mind when implementing an ERP system. But do you know if cloud-based or on-premise ERP deployment is better for your company or industry? While cloud computing is becoming more and more popular, it is worth…

Adopting A Cohesive GRC Mindset For Cloud Security

Adopting A Cohesive GRC Mindset For Cloud Security

Cloud Security Mindset Businesses are becoming wise to the compelling benefits of cloud computing. When adopting cloud, they need a high level of confidence in how it will be risk-managed and controlled, to preserve the security of their information and integrity of their operations. Cloud implementation is sometimes built up over time in a business,…

Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been mature for decades, the network security market had to transform rapidly with the advent of the BYOD trend and emergence of the cloud, which swept enterprises a few years ago.…

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Success for Today’s CMOs Being a CMO is an exhilarating experience – it’s a lot like running a triathlon and then following it with a base jump. Not only do you play an active role in building a company and brand, but the decisions you make have direct impact on the company’s business outcomes for…

5 Things To Consider About Your Next Enterprise Sharing Solution

5 Things To Consider About Your Next Enterprise Sharing Solution

Enterprise File Sharing Solution Businesses have varying file sharing needs. Large, multi-regional businesses need to synchronize folders across a large number of sites, whereas small businesses may only need to support a handful of users in a single site. Construction or advertising firms require sharing and collaboration with very large (several Gigabytes) files. Financial services…

How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data (And Why You Need To)

How To Humanize Your Data The modern enterprise is digital. It relies on accurate and timely data to support the information and process needs of its workforce and its customers. However, data suffers from a likability crisis. It’s as essential to us as oxygen, but because we don’t see it, we take it for granted.…

3 Keys To Keeping Your Online Data Accessible

3 Keys To Keeping Your Online Data Accessible

Online Data Data storage is often a real headache for businesses. Additionally, the shift to the cloud in response to storage challenges has caused security teams to struggle to reorient, leaving 49 percent of organizations doubting their experts’ ability to adapt. Even so, decision makers should not put off moving from old legacy systems to…