Changes to a federal cloud security program, along with technological advancements and the introduction of online tools, have eased the authorization process for cloud service providers.
The Federal Risk and Authorization Management Program (FedRAMP) was created in 2011 to standardize the approach to security assessment, authorization and continuous monitoring for cloud products and services. The governmentwide program has opened opportunities for CSPs to help government agencies migrate from old, insecure legacy IT systems to secure, scalable and cost-effective cloud platforms to support their missions.
Essentially, obtaining FedRAMP authorization is the ticket that allows CSPs to take a bite out of the federal government’s growing cloud computing business. In fiscal year 2018, federal agencies spent $6.5 billion in cloud services, a 32% increase over 2017, according to a report from Coalfire, a cybersecurity advisory and assessment services firm based in Westminister, Colo.
While many opportunities exist, the initial years of the FedRAMP program proved difficult for many CSPs to gain the sought-after Authority to Operate (ATO) status. Three years ago, reports confirmed…
