Around Town

Cloud: Are we there yet?

Image from Shutterstock.com

Where:

AFCEA Bethesda 2014 Cloud Technology Symposium

Who:

Maria Roat, director of FedRAMP, General Services Administration

Kevin Dulany, risk management division chief, Defense Department

James Pyon, vice president, CGI Federal

Greg Bateman, senior director of acquisition programs, Microsoft

Why:

Roat's office at GSA’s Office of Citizen Services and Innovative Technologies was in a frenzy leading up to the June 5 FedRAMP deadline. That date has come and gone, but Roat warned there is still much work ahead to ensure security and consistency for agencies in the cloud.

One of the main purposes of FedRAMP is to simplify the cloud certification process for both agencies and cloud providers, and create consistency in how the parties work together to develop solutions and standards.

Roat said her office often has cloud providers coming in and saying that they’re working with three agencies, and they’re all trying to do something different. That’s where Roat's team comes in; it facilitates a conversation between the three agencies, and looks for opportunities to make everyone’s life a little easier in working with providers.

"We're working to follow the 'Do once, use many times' method," Roat said.

So what is the next year of FedRAMP going to look like? While one audience member asked about 'FedRAMP 2.0,' Roat said that term seems to have appeared out of thin air. It’s not a matter of going from 1.0 to 2.0, she said -- FedRAMP has simply become fully operational.

CGI Federal's Pyon agreed. "In the next year, hopefully we are not talking about the same things we did today," he said. "By then it should be routine, and we should be looking at it from a risk, security and data perspective."

Yet real progress has already been made, Roat and the other panelists stressed, particularly with continuous monitoring to ensure the security of data in the cloud.

"Continuous monitoring as a whole has made the environment more secure," Roat said. "The amount of detail and the rigor we have gone through with cloud providers -- we’re forcing that function of risk and CM documentation."

Looking forward, Dulany said he would like to see industry play more of a role in creating standards -- a move he said would take the weight off of government to create standards on cloud services.

About the Author

Colby Hochmuth is a former staff writer for FCW.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.