FedRAMP Not FedRAMP’d?

Word is that www.fedramp.gov–and even the new, shiny FedRAMP dashboard–are running in a cloud without a FedRAMP ATO. Now, that’s embarrassing. We hear that this is all part of a force play by Noah Kunin, director of delivery architecture and infrastructure services at 18F/TTS. But, it’s not just FedRAMP that’s naked and afraid–it’s usa.gov, digitalgov.gov, businessusa.gov, challenge.gov, performance.gov. Oh, and to make matters more interesting, presidentialtransition.usa.gov is also on the list. In fact, 70-plus government sites, central to the digital revolution that is 18F/TTS, have no FedRAMP ATO–and may all be shuttered immediately.

Huh? Good question. 18F/TTS just received $18 million in funding from the GSA FAS Acquisition Services Fund for the new cloud.gov on a cost-recovery basis–and Mr. Kunin needs to get some paying customers to keep the lights on. Conspiracy theorists might speculate one way to do this–force workloads off the existing Content Management Platform cloud onto cloud.gov by saying CMP’s not FedRAMP ATO’d. Where’s GSA CIO David Shive in this mess? Another question: Who approved the $18 million FAS investment in cloud.gov?

Here’s another little chuckle for agencies and vendors who’ve danced with the FedRAMP/I8F monster. We understand that 18F/TTS is having issues getting its FedRAMP certification for cloud.gov. FedRAMP Accelerated was supposed to certify cloud.gov in November–but now that’s slipping to December. And, one month slip has a nasty habit of leading to another. Go sit on Father Goodrich’s knee and tell him what you want for Christmas. Open government, anyone?