Cloud and Government: Have We Finally Made a Love Connection?

Posted on September 14, 2022 by Kerry Rea President of GovEvents

The government's relationship with cloud computing has been an evolving affair. Initially, there was skepticism that cloud solutions could not provide the needed security that on-premise systems had been providing. With checks and balances provided by FedRAMP, security concerns were slowly but surely overcome. With the move to more remote work and the demand for digital interaction with citizens, cloud has moved from a novel approach to a necessary part of the Federal IT infrastructure.

Cloud and Security

Initial concerns about the levels of security maintained by cloud providers have proven to be unfounded. Cloud systems are built with security as a top of mind concern by some of the brightest, most experienced cyber experts in the world. No matter how skilled Federal IT teams are, they just cannot build an on-premises system that meets the same rigors. In fact, today cloud security concerns lie with the users of cloud rather than the providers. Continue reading →

Cloud Is No Longer the Exception, but the Rule

Posted on November 18, 2021 by Kerry Rea President of GovEvents

Remote work, necessitated by the pandemic, accelerated many agencies' move to cloud computing. With remote and dispersed teams here to stay, cloud is a critical, if not primary, infrastructure for a number of organizations. With this wide reliance on cloud, the Cybersecurity and Infrastructure Security Agency (CISA) has been releasing Trusted Internet Connections 3.0 Use Cases, which give federal agencies guidance on applying network and multi-boundary security for remote users.

Similarly, the Defense Information Systems Agency (DISA) recently combined its Cloud Computing Program Office (CCPO) with its services directorate and ecosystem. This move, creating the Hosting and Compute Center (HaCC), recognizes the long-term reality of cloud and the role it plays in delivering services and powering everyday work for the agency. The HaCC will be "responsible for providing the warfighter with critical hosting and compute functions using modern data center and cloud capabilities." This functionality supports a number of Defense Department initiatives including Joint All Domain Command and Control. Continue reading →

The Show Must Go On. How State and Local Governments are Powering Through Budget Shortfalls

Posted on March 10, 2021 by Kerry Rea President of GovEvents

Though the word may be overused, state and local governments are indeed facing unprecedented challenges. Forced to move operations online in response to their own stay-at-home orders, state and local agencies have spent the last year retooling how they serve citizens. They have been paying for necessary technology upgrades and other new equipment while revenues from taxes have dropped considerably. Even with these financial challenges, state CIOs are committed to continuing with their innovation and modernization efforts.

A study from the National Association of State CIOs (NASCIO) showed that priorities for state and local CIOs stayed consistent over the last year, with cybersecurity and enhancing digital citizen service being the top two. Of course, these two areas saw critical investments in 2020 just to keep the business of government running. In 2021, the solutions put in place will be revisited, evaluated for efficiency, and operationalized to support agencies moving forward.

Continue reading →

Formalizing the Future of Cloud in Government

Posted on February 3, 2021 by Kerry Rea President of GovEvents

In one of its first acts, the 117th Congress passed the FedRAMP Authorization Act. This bill codifies the Federal Risk and Authorization Management Program (FedRAMP) and, in the process, speeds up the time it takes for cloud solutions to be implemented in the Federal government. Currently, cloud solutions must frequently gain separate authority to operate statuses for each agency where they are used. This bill looks to have the General Services Administration (GSA) automate processes to promote reciprocity for security validations from one agency to another.

This bill was passed at a critical time for cloud adoption within government as agencies continue to accelerate their digital plans to meet the needs of a remote workforce. While the way has been cleared for "emergency" use of cloud to keep the business of government running, laws and policy like this Act ensure that there is long term support for the move to cloud services.

Continue reading →

FedRAMP’s Role in a Post-COVID World

Posted on May 6, 2020 by Kerry Rea President of GovEvents

The Federal Risk and Automation Management Program, more widely known as FedRAMP, was put in place in 2011 to create a standardized approach to evaluating the security controls of cloud solutions for government use. For nearly a decade, FedRAMP has continually evolved to keep up with the growing availability of and demand for cloud solutions. In fact, the number of authorizations granted between 2016 and 2018 increased roughly 33% year over year.

With this in mind, the latest modernization of FedRAMP may be coming via the FedRAMP Authorization Act of 2019, which would expedite the approval process. Of particular interest is language in the bill that introduces the "presumption of adequacy." This means that once a cloud vendor is authorized through the FedRAMP process with one agency, it is cleared to work with other agencies under that initial authorization. The legislation also formalizes roles and responsibilities, designating the Office of Management and Budget as responsible for FedRAMP policy and making the General Services Administration in charge of day-to-day implementation. Finally, the bill stipulates metrics to track the implementation of the program.

Further influencing the demands on FedRAMP is the quick surge of support for flexible cloud solutions to enable telework environments amid the COVID-19 response. These developments may have a significant impact moving forward. While private industry is stepping up and offering technology for free to help secure public health and safety, the federal government must still look to FedRAMP guidance in utilizing cloud solutions. Today, more than ever, a quick and efficient approval process is essential.

Continue reading →

Tag Archives: FedRAMP

CEUs

CFPs

Please enter your email and password: