The US Government's Latest Move In Cloud Computing – FedRAMP

Five Things You Need To Know About FedRAMP

The US Government’s Latest Move In Cloud Computing

Last week, the US federal government launched the Federal Risk and Authorization Management Program (FedRAMP), which will help to build a single authentication standard for the government’s cloud services. During the past couple of years, the administration has built up a number of projects as  part of its cloud-first policy, and this new project could potentially reduce the burdens of CSPs working with the government. The FedRamp is yet another important initiative from the tech-savvy US administration and might eventually help build security standards across the cloud.

What is the FedRamp?

FedRamp is a government-wide security framework that provides an authentication standard and will evaluate and provide authorization for cloud service providers, who can then work with various government agencies. Currently, the security assessments and authorization are done at agency level, whereas this new program will provide a single point approval. The FedRamp’s stated goal is “do once, use many times”, which could help reduce the burden on CSPs.

Why is it Important?

The new program’s approval is mandatory for all future cloud computing investments by the various agencies. The US government and its agencies are among the biggest spenders on technology, and their move to a common security framework could help bring about a greater degree of standards to the cloud computing industry.

How does it work?

The program has invited third-party assessment agencies and CSPs into the program. So far, nine assessment companies have joined the program. You can learn about who is approved so far here. Using these third-party assessors, the program will authorize the CSPs who will be able to work with the various agencies after the CSPs have complied with the various security requirements set by the program.

What are the goals of the program?

The main goals of the program include building a security framework where the rules and policies are applied consistently across multiple projects. By building consistent, better assessments, the confidence levels of the agencies investing in cloud computing solutions will improve. This could lead to further expansion of government cloud computing projects.

Where can you learn more about the FedRamp?

The program is currently managed by the General Services Administration, as part of the Department of Homeland Security. You can learn more about FedRamp at this GSA page: http://www.gsa.gov/portal/category/102371 

It is a good initiative, and I will be closely observing how it progresses. If it helps bring the much-awaited standards in cloud computing, it will be a great win, not just for CSPs working in government projects, but also for the entire industry. Let’s keep our fingers crossed until then.

By Balaji Viswanathan

Balaji

Balaji Viswanathan is the founder of Agni Innovation Labs that helps startups and small businesses with their marketing and tech strategy. He has a Masters in Computer Science from the University of Maryland and has been blogging for the past 7 years on technology and business related topics.
FacebookTwitterLinkedInGoogle+Share

Sorry, comments are closed for this post.

Join Our Newsletter

Receive updates each week on news, tips, events, comics and much more...

Advertising Programs

Click To Find Out!

Sponsored Posts

Sponsored Posts

CloudTweaks has enjoyed a great relationship with many businesses, influencers and readers over the years, and it is one that we are interested in continuing. When we meet up with prospective clients, our intent is to establish a more solid relationship in which our clients invest in a campaign that consists of a number of

Popular

Top Viral Impact

Cloud Computing Offers Key Benefits For Small, Medium Businesses

Cloud Computing Offers Key Benefits For Small, Medium Businesses

A growing number of small and medium businesses in the United States rely on as a means of deploying mission-critical software products. Prior to the advent of cloud-based products — software solutions delivered over the Internet – companies were often forced to invest in servers and other products to run software and store data. The

Cloud Infographic: The Education Of Tomorrow

Cloud Infographic: The Education Of Tomorrow

Cloud Infographic: The Education Of Tomorrow  Online Education is a very exciting topic for many as it opens up many new doors and opportunities. We’ve touched on areas such as Massive Open Online Sources (MOOC) which provides tremendous levels of cloud based interconnectivity. We’ve taken a look into higher education,  the increased demand for online courses as well as

Can I Contribute To CloudTweaks?

Yes, much of our focus in 2015 will be on working with other influencers in a collaborative manner. If you're a technology influencer looking to collaborate long term with CloudTweaks – a globally recognized leader in cloud computing information – drop us an email with “tech influencer” in the subject line.

Please review the guidelines before applying.

Whitepapers

Top Research Assets

HP OpenStack® Technology Breaking the Enterprise Barrier

HP OpenStack® Technology Breaking the Enterprise Barrier

Explore how cloud computing is a solution to the problems facing data centers today and highlights the cutting-edge technology (including OpenStack cloud computing) that HP is bringing to the current stage. If you are a CTO, data center administrator, systems architect, or an IT professional looking for an enterprise-grade, hybrid delivery cloud computing solution that’s open,

Public Cloud Flexibility, Private Cloud Security

Public Cloud Flexibility, Private Cloud Security

Public Cloud Flexibility, Private Cloud Security Cloud applications are a priority for every business – the technology is flexible, easy-to-use, and offers compelling economic benefits to the enterprise. The challenge is that cloud applications increase the potential for corporate data to leak, raising compliance and security concerns for IT. A primary security concern facing organizations moving