Understanding FedRAMP

  • Home
  • Understanding FedRAMP
Understanding FedRAMP
Understanding FedRAMP
Understanding FedRAMP
Understanding FedRAMP
Understanding FedRAMP

Since you opened this article and started reading it, a cyber-attack is attempted on an organization. Cybersecurity is not optional anymore. At least one cyberattack is attempted on an organization every few seconds. Many companies who believed they were too small to be attacked by these cyber criminals are not operating anymore. It is imperative that organization adequately prepare themselves for cyberattacks.
The government launched Federal Risk and Authorization Management Program (FedRAMP) in 2012. It has played a key role in ensuring adoption of cloud and establishing a common baseline for ensuring adequate security for cloud products and services.

The Federal Risk and Authorization Management Program (FedRAMP) promotes the adoption of secure cloud services across the U.S. government, providing a standardized approach to security assessments for cloud service offerings. FedRAMP creates a partnership between the federal government and industry. Together, it modernizes IT infrastructure while protecting federal information.

Prior to FedRAMP, vendors had to meet different security requirements for each federal agency. FedRAMP eliminates this duplication by providing a common security framework, making it possible for agencies and cloud service providers to reuse authorizations. Agencies review a standardized set of security materials against one common baseline. A cloud service offering is authorized once and then the security package can be used by any federal agency.

FedRAMP’s guiding principle is reuse: do once, use many times.

The program is mandatory, and federal agencies must ensure the cloud solutions they use meet FedRAMP requirements.The program saves government an estimated 30-40 percent in costs, as well as time and staff resources.

Getting FedRAMP authorization is serious business. The level of security required is mandated by law. There are 14 applicable laws and regulations, along with 19 standards and guidance documents. It’s one of the most rigorous software-as-a-service certifications in the world.

Checkout the introduction to FedRAMP:

Botsavvy will be releasing toolkit to assist you in performing FedRAMP self assessment.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.