Rep. Gerry Connolly, D-Va., on Wednesday called on the Department of Defense to stop being a “rogue elephant” when it comes to cloud authorization and the FedRAMP process.
“There is no reason DoD cannot join the rest of the Federal government,” Connolly said, adding that the DoD’s argument that it has unique operations that should exempt it from having to use FedRAMP authorization could be applied to almost any agency. He characterized such behavior as “absurd,” “costly,” and something that “defeats the whole purpose” of FedRAMP.
Connolly said there should be no reason for any Federal agency to have a separate cloud authorization process, and that the requirement for multiple authorizations was one of the major flaws of the program.
“That’s not what it was intended to be,” he said. “We’re even at the point where we require double certification.”
Reiterating his statements in September that the FedRAMP process was far less effective than originally intended, and that if problems such as double certification requirements, lengthy certification times, and high prices weren’t solved, Congress would have to get involved with restrictive legislation.
“We have a tendency sometimes to unfortunately make it worse,” Connolly said. “We need FedRAMP working.”
He did, however, have hopes that the current impetus of IT modernization as a whole would continue forward in the coming years, saying that he finds the looming presidential transition concerning.
“We don’t want to lose the momentum we’ve built,” Connolly said. “We think we kind of have the direction right and we don’t want to lose one moment.”