The most popular and comprehensive Open Source ECM platform
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that is run by the GSA and which provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. Security is one of the top issues which FedRAMP is designed to address. With FedRAMP, a vendor need get approved only a single time, and thereafter would become an approved vendor, significantly shortening the process for an agency to sign up for web services from that vendor.
FedRAMP apporval is tested from one of nine accredited third-party assessment organizations. The test requires that the vendor need to be able to pass more than 160 basic security control checks, including spam filter and encryption capabilities.
FedRaMP is officially soliciting vendors who wish to seek approval. The application to the FedRAMP states that “This ‘approve once, and use many’ approach will benefit cloud service providers by speeding the adoption of cloud services by agencies and reducing the cost and time required to conduct redundant, individual agency security assessments.”
While the FedRaMP assessment is in place, the GSA says it still may take another six months before the first approved vendors will be able to take advantage of their fast-track status. Katie Lewin, program manager for cloud computing at GSA, said that she expects three cloud services to be approved by December 2012.