FedRAMP will provide standardized security and authorization of cloud services.
Looking to expedite the adoption of cloud computing throughout the federal government, United States Federal CIO Steven VanRoekel announced the creation of the Federal Risk and Authorization Management Program (FedRAMP) on Thursday, Dec., 8, in a memo to federal agency CIOs.
The program will deliver a cost-effective, risk-based approach for the adoption and use of cloud services. Operating under a “do once, use many times” framework, federal officials believe that FedRAMP will save cost, time and staff required to conduct security assessments for federal departments to make the jump to the cloud.
The program is also designed to foster relationships between agencies and cloud security providers. Services FedRAMP will provide federal agencies include:
“FedRAMP will enable the federal government to accelerate the adoption of cloud computing by creating transparent standards and processes for security authorizations and allowing agencies to leverage security authorizations on a governmentwide scale,” said VanRoekel in the memo.
“Federal agencies adopting the cloud is inevitable,” said Jennifer Kerber, vice president of Federal Homeland Security Policy for TechAmerica, a U.S. technology advocacy organization, in a statement. “The only question is if it will be done in a secure or insecure fashion. The FedRAMP program could be the game-changer in this equation.”
The program is expected to begin within 180 days. More information is available on the General Services Administration’s FedRAMP Web page.