The storm clearly has not passed for some big programs run by the General Services Administration, including FedRAMP’s spending of $150,000 in taxpayer money to duplicate an online dashboard capability that had already been developed in the private sector and made available to the government for free….Also, Rep. Will Hurd, R-Texas, is back with another bill aimed at IT modernization. […]
The General Services Administration on Tuesday released the FedRAMP Readiness Assessment Report, a template that allows cloud service providers to quickly determine whether they are ready to pursue FedRAMP authorization.[…]
Federal agencies can now use cloud computing systems to store their most sensitive, unclassified data, through the recent release of the Federal Risk and Authorization Management Program High Baseline.
“This release allows agencies to use cloud environments for high-impact data, including data that involves the protection of life and financial ruin,” said the FedRAMP announcement.
Less than three months after a wave of negative feedback from industry forced the General Services Administration to revamp the Federal Risk and Authorization Management Program, a new MeriTalk survey shows for the first time that many government IT officials doubt the value of the program in its current form.[…]
FedRAMP Director Matt Goodrich said some Federal agencies may have refused to share a FedRAMP ATO granted to a CSP, but that’s only a small part of the story behind one of the major shortcomings of the FedRAMP program. One theory: It’s not that agencies are refusing to share—it’s that cloud service providers are failing to capture new business.[…]
Third party cloud security auditing firms are worried that new documentation requirements put in place by FedRAMP could open them to significant liability risks.[…]
Two months after a cloud industry advocacy group published a scathing assessment of the Federal government’s cloud computing security certification process and took their concerns to Capitol Hill, the General Services Administration’s FedRAMP announced significant structural changes to the way the government will assess cloud service providers.
A representative of a Federal cloud computing industry advisory group filed a formal complaint this week with the General Services Administration’s inspector general alleging officials from FedRAMP issued veiled threats of retaliation against member companies that publicly voiced concerns about problems with the cloud security certification process.[…]
The Commerce Department is looking for a Deputy CIO and a CTO. … Andy Purdy, the former acting director of the Department of Homeland Security’s National Cyber Security Division who recently became the chief security officer of Huawei Technologies USA, is now the vice chairman of the Open Group Trusted Technology Forum. … And the FedRAMP Program Management Office held a very efficient all-hands meeting.[…]
Former NSA Director Michael Hayden’s new book, Playing To The Edge: American Intelligence In The Age Of Terror, raises tough questions about the Obama administration’s lack of support for the agency following the Edward Snowden revelations. Also, the GSA’s in-house innovation lab, known as 18F, is expanding its consulting services. But is that somehow crossing a line?[…]