Cloud.gov clears FedRAMP

The General Services Administration-run cloud.gov hosting platform has completed the final stage of Federal Risk and Authorization Management Program assessment.

The clearance makes Cloud.gov the first fully open-sourced service to attain FedRAMP authorization, according to a Feb. 2 blog post from GSA's 18F innovation shop.

Cloud.gov is a platform-as-a-service developed by 18F that aims to help agencies improve their IT management. The site, which runs on Amazon Web Services' GovCloud, handles many of the FedRAMP technical and compliance requirements of the underlying cloud platform, and allows agencies to focus on their web applications and code instead.

Now that Cloud.gov has cleared the final FedRAMP hurdle, agencies "can start using cloud.gov in production with less upfront work, and using cloud.gov in turn enables them to deliver services faster," the post states.

The Joint Authorization Board, a team of the CIOs from GSA and the Departments of Defense and Homeland Security, granted Cloud.gov a moderate-impact provisional authority to operate.

"We hope that successful use of cloud.gov helps agencies grow more comfortable and familiar with cloud technology, enabling deeper partnerships with both industry cloud providers as well as vendors and contractors that prefer to build using cloud platforms," the post states.

In July, 18F estimated Cloud.gov would be FedRAMP-authorized in November thanks to its participation in the FedRAMP Accelerated review program. Cloud.gov was one of the three pilots for new review process; in September, Microsoft became the first provider to complete the FedRAMP Accelerated program.

After Cloud.gov was declared FedRAMP Ready in May, 18F pushed back its official review with the JAB in order to improve Cloud.gov's technical and operational components, according to the blog post.