Officials unveil new FedRAMP Web portal, release details on firms seeking government's cloud security seal of approval.
Internet Of Things: 8 Cost-Cutting Ideas For Government
(Click image for larger view and slideshow.)
FedRAMP (Federal Risk and Authorization Management Program), the program that helps agencies migrate to the cloud securely, is making public the names of cloud service providers that are in the process of obtaining the government's security certification.
The information appears in a new FedRAMP resource section on the Federal CIO Council's cloud.cio.gov site. FedRAMP.gov visitors were redirected to the site beginning last week. The new site provides a range of materials that agencies and cloud providers need to meet FedRAMP requirements.
The CIO Council cloud portal pulls together reference documents for agencies, cloud service providers, and third-party assessment organizations from FedRAMP's existing website. That site is run by the General Services Administration, which manages the FedRAMP program. The information is also integrated across the Cloud.cio.gov site, which focuses on users' need to ''learn about, use, acquire, manage and secure'' cloud services.
FedRAMP.gov visitors now land on a section of Cloud.cio.gov
The new site has more forums and FAQs, according to Maria Roat, FedRAMP director at GSA. The GSA will continue to keep its version of the FedRAMP site active, she explained, because many documents out there reference the GSA website.
Agencies are under White House pressure to adopt cloud computing services and have them FedRAMP-certified by June 5, 2014. The program's security standards have attracted interest from cloud providers, but as FedRAMP officials acknowledge, they're trying to expand the offering of approved services.
FedRAMP officials have also announced plans to partner with the public-private group MeriTalk in an effort to widen FedRAMP's visibility within the federal IT market with the launch of the FedRAMP OnRamp.
The promotional site, due to go live March 13, promises to provide additional details about where companies are in the application process. It also plans to report on what agencies can save using FedRAMP-certified cloud services instead of building and certifying their own systems.
Based on preliminary reports from six FedRAMP-certified cloud providers and data on 210 cloud installations, MeriTalk estimates that FedRAMP has saved the government $52.5 million since the program began operating in 2012. It also found the government spent an average of $250,000 to bring each cloud service into full FedRAMP compliance.
Private clouds are moving rapidly from concept to production. But some fears about expertise and integration still linger. Also in the Private Clouds Step Up issue of InformationWeek: The public cloud and the steam engine have more in common than you might think. (Free registration required.)/p>
Wyatt Kash is a former Editor of InformationWeek Government, and currently VP for Content Strategy at ScoopMedia. He has covered government IT and technology trends since 2004, as Editor-in-Chief of Government Computer News and Defense Systems (owned by The Washington Post ... View Full Bio
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.