Around Town

Cloud: Are we there yet?

Image from Shutterstock.com

Where:

AFCEA Bethesda 2014 Cloud Technology Symposium

Who:

Maria Roat, director of FedRAMP, General Services Administration

Kevin Dulany, risk management division chief, Defense Department

James Pyon, vice president, CGI Federal

Greg Bateman, senior director of acquisition programs, Microsoft

Why:

Roat's office at GSA’s Office of Citizen Services and Innovative Technologies was in a frenzy leading up to the June 5 FedRAMP deadline. That date has come and gone, but Roat warned there is still much work ahead to ensure security and consistency for agencies in the cloud.

One of the main purposes of FedRAMP is to simplify the cloud certification process for both agencies and cloud providers, and create consistency in how the parties work together to develop solutions and standards.

Roat said her office often has cloud providers coming in and saying that they’re working with three agencies, and they’re all trying to do something different. That’s where Roat's team comes in; it facilitates a conversation between the three agencies, and looks for opportunities to make everyone’s life a little easier in working with providers.

"We're working to follow the 'Do once, use many times' method," Roat said.

So what is the next year of FedRAMP going to look like? While one audience member asked about 'FedRAMP 2.0,' Roat said that term seems to have appeared out of thin air. It’s not a matter of going from 1.0 to 2.0, she said -- FedRAMP has simply become fully operational.

CGI Federal's Pyon agreed. "In the next year, hopefully we are not talking about the same things we did today," he said. "By then it should be routine, and we should be looking at it from a risk, security and data perspective."

Yet real progress has already been made, Roat and the other panelists stressed, particularly with continuous monitoring to ensure the security of data in the cloud.

"Continuous monitoring as a whole has made the environment more secure," Roat said. "The amount of detail and the rigor we have gone through with cloud providers -- we’re forcing that function of risk and CM documentation."

Looking forward, Dulany said he would like to see industry play more of a role in creating standards -- a move he said would take the weight off of government to create standards on cloud services.

About the Author

Colby Hochmuth is a former staff writer for FCW.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.