June 5th is a date that is likely circled in red on the calendars of government IT buyers and cloud services vendors alike. This date doesn’t represent an upcoming summer vacation but instead the deadline for service providers to obtain Federal Risk and Authorization Management Program (FedRAMP) accreditation for federal security standards compliance, thereby opening up the doors for agencies to procure cloud offerings from a wider pool of providers.
In the meantime, these next several months present a great opportunity for agencies to assess their existing cloud vendors as well as research the services available from the growing list of companies who meet the nearly 300 security controls based on National Institute of Standards and Technology (NIST) guidelines that govern how agencies should secure their information technology systems.
Keith Trippie, Executive Director of the Enterprise System Development Office at the Department of Homeland Security, whose agency uses private and public cloud for communications and collaboration, believes the move to the cloud can improve time-to-market for services and innovation and requires less capital. DHS currently has nine cloud computing environments and the entire agency has moved to the cloud for email.
Once the deadline is met for FedRAMP, agencies will have greater flexibility in decision-making on IT acquisition and how they spend their budgets, Trippie said during a webcast earlier this month. To drive his point home, Trippie likened the flexibility to a buffet table where “if you want steak, you eat steak;, if you want chicken, you eat chicken.”
The list of FedRAMP-compliant cloud service providers is growing, offering agencies many more options and diversity. It also presents an opportunity for agencies to explore and reassess their approach to the cloud and validate their current or future services. But FedRAMP director Maria Roat cautions that the approval process can take four to six months. Agencies should ensure the cloud services they are using or considering are approved or already in the review process, as June will arrive quickly.
This expansion of cloud services ultimately offers agencies a range of exciting new platforms and services aimed at delivering more cost-effective and efficient services. “A lot of capabilities are out there in the cloud,” Roat said. “Agencies need to think through how best to use that.”
