The US Government’s Latest Move To Cloud Computing – FedRAMP

Move To Cloud Computing

The US Government’s Latest Move In Cloud Computing

Last week, the US federal government launched the Federal Risk and Authorization Management Program (FedRAMP), which will help to build a single authentication standard for the government’s cloud services. During the past couple of years, the administration has built up a number of projects as  part of its cloud-first policy, and this new project could potentially reduce the burdens of CSPs working with the government. The FedRamp is yet another important initiative from the tech-savvy US administration and might eventually help build security standards across the cloud.

What is the FedRamp?

FedRamp is a government-wide security framework that provides an authentication standard and will evaluate and provide authorization for cloud service providers, who can then work with various government agencies. Currently, the security assessments and authorization are done at agency level, whereas this new program will provide a single point approval. The FedRamp’s stated goal is “do once, use many times”, which could help reduce the burden on CSPs.

Why is it Important?

The new program’s approval is mandatory for all future cloud computing investments by the various agencies. The US government and its agencies are among the biggest spenders on technology, and their move to a common security framework could help bring about a greater degree of standards to the cloud computing industry.

How does it work?

The program has invited third-party assessment agencies and CSPs into the program. So far, nine assessment companies have joined the program. You can learn about who is approved so far here. Using these third-party assessors, the program will authorize the CSPs who will be able to work with the various agencies after the CSPs have complied with the various security requirements set by the program.

What are the goals of the program?

The main goals of the program include building a security framework where the rules and policies are applied consistently across multiple projects. By building consistent, better assessments, the confidence levels of the agencies investing in cloud computing solutions will improve. This could lead to further expansion of government cloud computing projects.

Where can you learn more about the FedRamp?

The program is currently managed by the General Services Administration, as part of the Department of Homeland Security. You can learn more about FedRamp at this GSA page: http://www.gsa.gov/portal/category/102371 

It is a good initiative, and I will be closely observing how it progresses. If it helps bring the much-awaited standards in cloud computing, it will be a great win, not just for CSPs working in government projects, but also for the entire industry. Let’s keep our fingers crossed until then.

By Balaji Viswanathan

Sorry, comments are closed for this post.

Comics
Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Federal Government Cloud Adoption No one has ever accused the U.S. government of being technologically savvy. Aging software, systems and processes, internal politics, restricted budgets and a cultural resistance to change have set the federal sector years behind its private sector counterparts. Data and information security concerns have also been a major contributing factor inhibiting the…

Your Biggest Data Security Threat Could Be….

Your Biggest Data Security Threat Could Be….

Paying Attention To Data Security Your biggest data security threat could be sitting next to you… Data security is a big concern for businesses. The repercussions of a data security breach ranges from embarrassment, to costly lawsuits and clean-up jobs – particularly when confidential client information is involved. But although more and more businesses are…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

The Five Rules of Security and Compliance in the Public Cloud Era

The Five Rules of Security and Compliance in the Public Cloud Era

Security and Compliance  With technology at the heart of businesses today, IT systems and data are being targeted by criminals, competitors and even foreign governments. Every day, we hear about how another retailer, bank or Internet company has been hacked and private information of customers or employees stolen. Governments and oversight organizations are responding to…

Maintaining Network Performance And Security In Hybrid Cloud Environments

Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies are retaining their existing, on-premise IT infrastructures while also embracing the latest cloud technologies. In fact, IDC predicts markets for such hybrid cloud environments will grow from the over $25 billion global market we saw…

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And Virtual Reality This is a term I created (Virtual Immersion). Ah…the sweet smell of Virtual Immersion Success! Virtual Immersion© (VI) an extension/expansion of Virtual Reality to include the senses beyond visual and auditory. Years ago there was a television commercial for a bathing product called Calgon. The tagline of the commercial was Calgon…

Beacons Flopped, But They’re About to Flourish in the Future

Beacons Flopped, But They’re About to Flourish in the Future

Cloud Beacons Flying High When Apple debuted cloud beacons in 2013, analysts predicted 250 million devices capable of serving as iBeacons would be found in the wild within weeks. A few months later, estimates put the figure at just 64,000, with 15 percent confined to Apple stores. Beacons didn’t proliferate as expected, but a few…

The Security Gap: What Is Your Core Strength?

The Security Gap: What Is Your Core Strength?

The Security Gap You’re out of your mind if you think blocking access to file sharing services is filling a security gap. You’re out of your mind if you think making people jump through hoops like Citrix and VPNs to get at content is secure. You’re out of your mind if you think putting your…

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Security It’s no secret many organizations rely on popular cloud providers like Amazon and Microsoft for access to computing infrastructure. The many perks of cloud services, such as the ability to quickly scale resources without the upfront cost of buying physical servers, have helped build a multibillion-dollar cloud industry that continues to grow each…