TheConversation

Blog archive

Did Amazon short-cut FedRAMP?

Teresa Carlson

The government is still trying to figure out the best ways to use cloud computing, says Teresa Carlson, vice president of worldwide public sector at Amazon Web Services. (FCW photo)

An FCW reader objected to our story on Amazon Web Services' gaining FedRAMP certification, writing: Amazon did not go through the ACTUAL FedRAMP certification process. They went through an Agency ATO (Authority to Operate) process using the FedRAMP controls as a guideline. And it speaks volumes of both the tech press and federal leadership's preference for firms perceived as new-age/glamorous that neither you nor them has taken the time to correct this misconception. (Rather than shamelessly spread it.)

Executive Editor Troy K. Schneider responds: The second sentence of our story states that the authorization came via the Department of Health and Human Services, rather than the FedRAMP Joint Authorization Board. The General Services Administration's FedRAMP team has been similarly clear about the path to approval, as was Amazon itself.

But an agency-provided authority to operate is no less "real" than a JAB-certified ATO. Scott Renda, the Office of Management and Budget's cloud computing and Federal Data Center Consolidation Initiative portfolio manager, spoke to this at the FOSE conference a week before Amazon's announcement.

"We never intended the JAB to authorize every system in government," Renda said. "That's a myth. And it would slow things down." What the FedRAMP team wants, he stressed, "is to implement a government-wide standard."

Posted by Troy K. Schneider on May 29, 2013 at 12:10 PM


Featured

  • Cybersecurity
    Shutterstock photo id 669226093 By Gorodenkoff

    The disinformation game

    The federal government is poised to bring new tools and strategies to bear in the fight against foreign-backed online disinformation campaigns, but how and when they choose to act could have ramifications on the U.S. political ecosystem.

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.