FedRAMP’s Role in a Post-COVID World

The Federal Risk and Automation Management Program, more widely known as FedRAMP, was put in place in 2011 to create a standardized approach to evaluating the security controls of cloud solutions for government use. For nearly a decade, FedRAMP has continually evolved to keep up with the growing availability of and demand for cloud solutions. In fact, the number of authorizations granted between 2016 and 2018 increased roughly 33% year over year.

With this in mind, the latest modernization of FedRAMP may be coming via the FedRAMP Authorization Act of 2019, which would expedite the approval process. Of particular interest is language in the bill that introduces the "presumption of adequacy." This means that once a cloud vendor is authorized through the FedRAMP process with one agency, it is cleared to work with other agencies under that initial authorization. The legislation also formalizes roles and responsibilities, designating the Office of Management and Budget as responsible for FedRAMP policy and making the General Services Administration in charge of day-to-day implementation. Finally, the bill stipulates metrics to track the implementation of the program.

Further influencing the demands on FedRAMP is the quick surge of support for flexible cloud solutions to enable telework environments amid the COVID-19 response. These developments may have a significant impact moving forward. While private industry is stepping up and offering technology for free to help secure public health and safety, the federal government must still look to FedRAMP guidance in utilizing cloud solutions. Today, more than ever, a quick and efficient approval process is essential.

Continue reading

Introducing Drones into the Government Toolkit

DroneFrom military missions to public safety applications to infrastructure inspections, drones have many applications across government. While the technology is ready for all of these applications (and more), there are complex regulatory and legal issues that are holding up their widespread use. These issues include airspace regulations (for the safety of manned and unmanned flights), privacy concerns (related to on-board cameras), and cybersecurity concerns.

While these issues are being discussed in the courts and across regulatory bodies, state and federal level agencies are taking steps to integrate drone usage into their processes. For federal agencies, drones are available on the GSA Schedule. State and local organizations are piloting a drone-as-a-service model that allows groups to use drones for specific-use cases without having to invest in the purchase and maintenance of the hardware.

There are a number of upcoming events that address both the technology and the policies that impact current and future drone usage. Continue reading

Department Spotlight: U.S. Department of the Treasury

The U.S. Department of the Treasury is the steward of U.S. economic and financial systems, and is responsible for maintaining the nation's financial infrastructure. This includes the production of currency, the disbursement of payments to the American public, revenue collection, and the borrowing of funds necessary to run the federal government. The most familiar agency within Treasury may also be the most dreaded, the Internal Revenue Service (IRS). With tax time approaching, we thought it was a good time to look at the challenges and focus of the Treasury.

  • Cybercrime - The Treasury has always been focused on preventing fraud related to currency and tax evasion, but much like the Department of Defense has recognized cyberspace as a new battlefield. Treasury is now focusing on the Internet as the primary stage for money-related crimes. The speed at which crimes are carried out online require new techniques and tools. The use of cryptocurrencies to mask criminal behavior is also a huge focus of the Treasury's investigative departments.
  • Blockchain - While blockchain has a tie to the movement of cryptocurrencies (both legitimate and criminal), Treasury is also looking at the technology as a way to better facilitate the management of federal grant funds. In one case, the National Science Foundation is using blockchain to track grant payments and ensure that the terms of the grant are being followed.
  • Cloud - Like the Intelligence community, Treasury is looking to develop a cloud solution that meets the unique security needs of its mission while delivering on the efficiencies of the on-demand nature of cloud. The Department is developing a proposal for "T-Cloud," an enterprise wide suite of cloud and professional services across multiple providers. The goal to is award this contract and get it implemented by 2022.
  • Citizen Experience - The IRS may be one of the most visible government agencies as citizens interact with them at least once a year. With their high touch with the public, the IRS has been a leader in redefining what customer service means in government. In fiscal 2018, 90% of customers were satisfied with their service via phone or a tax assistance center. This does not mean the work is done. A recent report gave the IRS a C+ on its use of language, saying the agency needs to make their web content more user-friendly using Plain Language

For those working at or supporting the Treasury, there are several upcoming events that can help bring these challenges and their solutions into focus.

Continue reading

2020 Is Not the Year for Hindsight – A Look at Government Priorities

With the government fiscal year starting in October, our Federal government gets a head start on their New Year's resolutions. As we launch into a new year--a new decade, even--we wanted to take a quick look at government technology priorities for 2020 and beyond.

Cybersecurity - In the past decade security has transitioned from a stand-alone technology that had to be added to planning and systems, to a utility-type service that is baked into every piece of technology deployed within government. This fall, Federal CIO, Suzette Kent shared her focus areas for the next year (and beyond) to include cross-agency information sharing, improved identity management, and increased workforce cybersecurity literacy.

Reskilling - The introduction of automation into administrative functions is driving a need for employees to be re-skilled. While machines are not taking over the jobs of humans, they are improving efficiency in many roles, freeing up time for people to take on more complex (and frankly, more interesting and more important) roles within an organization. Continue reading

A Look Back at the Decade: Government Tech Edition

With the closing of the decade, we thought it would be interesting to look back at the top technology headlines of 2009 and compare them to where the market is today.

Data on the Rise

Big news was the launch of data.gov in late May of 2009. The site was championed by the country's first Federal CTO, Vivek Kundra, as a way to enable citizens to access federal data. In addition to making the government more transparent, the hope was that private sector could use the massive amount of federal data in research and to create innovative programs and solutions. The site launched with 47 data sets and as of the last reporting (June 2017) it now holds approximately 200,000 datasets, representing about 10 million data resources. Beyond these numbers, data.gov's impact has been significant.

Thousands of programs can point to the site as the basis for their development. More importantly, it launched a new way of thinking in government. Agencies stopped being as territorial about their data and slowly but surely became more open to sharing it with one another and with the public as they saw what innovation can happen with simple access. In 2019, the vision of data.gov expanded with the Open, Public, Electronic and Necessary Government Data Act, requiring that nonsensitive government data be made available in machine-readable, open formats by default. Continue reading