FedRAMP has been around for a while – and there’s a good bit of confusion. You can read the manual – but at 49 pages and growing, it’s not exactly a page turner. There are three flavors of approved FedRAMP CSPs. So far, we think we have 11 cloud service providers – 10 industry and USDA. OMB’s deadline for mandatory FedRAMP for all government cloud services takes effect in June of this year. There is ample opportunity for better communication among agencies using and issuing authorizations.
There’s a lot of talk about innovation and public-private partnership. Hats off to Dave McClure and the team at GSA for great common-sense decision making. GSA’s changing the game on FedRAMP – increasing transparency – to deliver better outcomes. MeriTalk in collaboration with GSA will launch the new FedRAMP OnRAMP. Hosted at the MeriTalk Cloud Computing Exchange, this is a one-stop shopping online portal to answer the big four questions below. It’s a forum for public-private FedRAMP and cloud security discussion.
Net, net – here are the key questions:
- What are government’s FedRAMP cloud service provider options?
- What new FedRAMP cloud service options are coming and when? There are 11 in the pipeline for FedRAMP certification and six lined up to enter the process – but who are they?
- What’s the government’s RoI on FedRAMP – how much has government saved by centralizing security certification?
- How much does it cost and how long does it take for cloud service providers to go through FedRAMP?
MeriTalk will preview the new FedRAMP OnRAMP at the first Cloud Computing Caucus Advisory Group meeting at noon on February 27th on the Hill – Rayburn Hearing Room B369. Maria Roat, FedRAMP Director at GSA, will moderate the public-private session on FedRAMP. Space is limited.
We expect heavy traffic on the FedRAMP OnRAMP.
Look forward to meeting you this Thursday at the Rayburn Building.