What is FedRAMP?
The Federal Risk and Authorization and Management Program, or FedRAMP, provides “a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.”
The FedRAMP framework helps federal government agencies:
- save the resources required to conduct independent assessments
- accelerate adoption of secure cloud solutions
- maintain confidence in the security of their cloud resources
The Benefits of Partnering with a FedRAMP Authorized Cloud Provider
With the Cloud First mandate, the United States government established its vision for the central role of cloud in federal agency operations back in 2012, stating: “cloud computing can significantly improve public sector IT.”
Following issuance of the mandate as part of the Federal Cloud Computing Strategy in 2012, over half of all federal agencies reported they had migrated at least 1 application to cloud infrastructure (as reported by TechTarget).
While many agencies praised the cloud benefits cited in the Strategy, including: agility, efficiency and the opportunity for public sector innovation; it was reported in 2016 that many government CIOs are struggling to adhere to the mandate, as they face procurement, management and security challenges.
FedRAMP – and its standardized approach to cloud security assessment, authorization and monitoring – can help address some of these challenges. The FedRAMP framework helps government agencies ensure that the products/services they are evaluating have the requisite security controls. This reassurance and a standardized overall approach can help expedite the evaluation of cloud products/services.
Agencies that follow the FedRAMP framework can also achieve the following benefits.
Today, the Federal government spends millions of dollars implementing security measures into their IT systems. FedRAMP estimates agencies can save 30-40% by re-applying its assessment framework. This does not account for the time, materials, and resources required to conduct an independent security assessment.
A Standardized Approach to Cloud Security Assessment
With close collaboration from security experts from: General Services Administration (GSA), National Institute of Standards and Technology (NIST), Department of Homeland Security (DHS), Department of Defense (DOD), National Security Agency (NSA), Office of Management and Budget (OMB), the Federal Chief Information Officer (CIO) Council and its working groups, as well as private industry; one FedRAMP objective is to provide a “baseline of agreed upon standards” for cloud security.
Accelerate Cloud Adoption
Bypassing what are often duplicated efforts, agencies can accelerate cloud adoption by re-applying the FedRAMP security assessment framework.
Additional Information about FedRAMP
After email, voice is the second most common cloud application. As more agencies looking to migrate their voice and collaboration infrastructure to the cloud, they now have a FedRAMP authorized UCaaS provider catering to the unique security requirements in the government sector.
collab9 is the first and only Unified Communications as a Service (UCaaS) provider authorized by FedRAMP.
For additional information, see the announcement of collab9’s FedRAMP authorization.
Additional FedRAMP Resources
If you are interested in learning more about FedRAMP, or collab9’s authorization, see these related pages: