Cloud

Should FedRAMP be the standard for all public sector?

FedRAMP logo. (Update 2014)

The Federal Risk and Authorization Management Program is the law of the land for federal agencies looking to the cloud, but could FedRAMP become a broader standard for other governments as well?

Wade Daley, Canada's chief technology officer, said on June 26 at the Amazon Web Services Symposium in Washington, D.C., that he'd had "good discussions with the U.S. government on their FedRAMP program," and was looking at how Canada might adopt that approach.

Matt Goodrich, the General Services Administration's FedRAMP director, confirmed that discussions were ongoing. "The FedRAMP PMO has had conversations with Canada," he said, "and we are looking forward to continued discussions in person in July."

Private-sector cloud providers have expressed a desire to leverage FedRAMP approval in other markets. And while GSA has neither the authority nor the desire to mandate FedRAMP compliance at other levels of government, Goodrich told FCW that voluntary adoption was certainly something to encourage.

At the state level, he said, "GSA and FedRAMP have worked with the National Association of State CIOs since inception. Recently GSA briefed many of the state CIOs at NASCIO's DC Fly-In on ways that they could leverage FedRAMP at the state level."

"FedRAMP sets the bar for how to protect federal data when it resides in cloud environment," Goodrich said, and GSA " believes that state and local governments can leverage this security standard for comparable needs at the local level." 

About the Author

Troy K. Schneider is editor-in-chief of FCW and GCN, as well as General Manager of Public Sector 360.

Prior to joining 1105 Media in 2012, Schneider was the New America Foundation’s Director of Media & Technology, and before that was Managing Director for Electronic Publishing at the Atlantic Media Company. The founding editor of NationalJournal.com, Schneider also helped launch the political site PoliticsNow.com in the mid-1990s, and worked on the earliest online efforts of the Los Angeles Times and Newsday. He began his career in print journalism, and has written for a wide range of publications, including The New York Times, WashingtonPost.com, Slate, Politico, National Journal, Governing, and many of the other titles listed above.

Schneider is a graduate of Indiana University, where his emphases were journalism, business and religious studies.

Click here for previous articles by Schneider, or connect with him on Twitter: @troyschneider.


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.