FedRAMP
FedRAMP compliance is important to any government entity taking advantage of the scalability and performance of cloud infrastructure.
The Federal Risk and Authorization Management Program – or FedRAMP – is the youngest of its federal data security policy siblings. Only just suggested as a concept in early 2010 by officials in the General Services Administration, FedRAMP was signed into existence in late 2011.
While HIPAA and CJIS are more industry specific and technology agnostic, FedRAMP is a government wide program that provides a uniform approach to security assessment, authorization, and continuous monitoring for cloud products and services.
The Federal Risk and Authorization Management Program – or FedRAMP – is the youngest of its federal data security policy siblings. Only just suggested as a concept in early 2010 by officials in the General Services Administration, FedRAMP was signed into existence in late 2011.
While HIPAA and CJIS are more industry specific and technology agnostic, FedRAMP is a government wide program that provides a uniform approach to security assessment, authorization, and continuous monitoring for cloud products and services.
The goal of FedRAMP is to enable federal agencies to quickly update their legacy IT to secure and cost effective cloud-based IT. Additionally, it enables consistency in security that is offered by cloud service providers. These reassurances dramatically reduced the time needed to procure cloud.
Since its inception, FedRAMP’s coverage has grown rapidly. According to its website, its program covers more than 220 cloud service providers, 150 federal agencies, and one third of the world’s internet traffic. Any cloud services that hold federal data must be FedRAMP authorized and follow the specific set of guidelines and regulations to avoid violations and fines.