Federal Cloud First FedRAMP Enhances Cloud Security

We’ve said it before, and we’ll say it again… Cloud computing and Office 365 are not just for the private sector.  Governmental agencies are slowly but surely making their way to the Cloud.  With the way technology advances, it is inefficient and costly to be operating on hosted or on-premises servers.  With a move to Office 365, governmental agencies are finding lower costs and new capabilities.  So whether your organization is in the public sector, private sector, non-profit or education, contact Agile IT today to arrange your free consultation and start planning your move to Office 365.

 

According to IDC, the federal government will spend $118.3 million on public cloud solutions in FY14, and more than $1.7 billion on private cloud solutions. The private cloud expenditure is slightly lower than it was in FY13, while the public cloud figure reflects an increase of about 33 percent. Looking ahead a few years, however, private cloud expenditures are expected to grow dramatically, reaching $7.7 billion by FY17.

 

The increase in cloud usage is prompted in large part by a policy change that began in the federal government several years ago. At the end of 2010, the Office of Management and Budget established the “Cloud First” policy as part of an IT reform plan.

 

The plan was designed to modernize federal IT systems on a number of fronts, including reducing the number of data centers and fixing or eliminating unsuccessful IT projects. As with the use of cloud technology in the private sector, the goal of transitioning to the cloud was to reduce costs and increase efficiency, agility and innovation.

 

Each agency was required to identify, within three months, three services that could be moved to the cloud, to move one of them to the cloud within a year and to move the other two within 18 months. Given the technological and administrative challenges involved, it is not surprising that many agencies fell short.

 

In a well-publicized report issued by the Government Business Council and Accenture in December 2013, only 30 percent of the federal executives surveyed indicated that they had cloud plans underway. A much smaller percent of respondents had actually transitioned any of their applications to the cloud.

 

Other milestones, including the June 5, 2014, deadline for agencies to certify their cloud systems with the Federal Risk and Authorization Management Program (FedRAMP) also proved difficult to meet. Yet some agencies were successful, and those agencies that were able to launch cloud services are being rewarded with lower costs and new capabilities.

 

Numerous agencies—including the departments of Agriculture, Health and Human Services, Homeland Security, State and Treasury, as well as the General Services Administration—successfully met the initial requirement for identifying and deploying three cloud services.

 

In 2013, the Environmental Protection Agency (EPA) migrated to Microsoft Office 365, the cloud version of Microsoft’s productivity suite. In addition to fostering collaboration, the shift to the cloud is expected to save the agency $12 million over four years.

 

Two types of FedRAMP approval are available. One is through the Joint Authorization Board (JAB), which is the primary governance and decision-making body for the FedRAMP program. JAB provides Provisional Authorization to Operate (P-ATO) for cloud solutions, and approves accreditation criteria for third-party assessment organizations (3PAOs). JAB approvals can be used throughout the federal government. Companies can also seek agency-sponsored FedRAMP approvals, which are only valid for that agency.

 

In the Government Business Council/Accenture report, the largest single concern expressed by respondents related to security. As compliance with FedRAMP continues to take root, that unease may diminish, but it remains a concern in the government sector as it does in the private sector.

 

Another challenge is staffing. Only a third of the executives felt certain that their agency had the staff necessary to execute a transition to the cloud. Half were not sure if the length of the procurement process was having an impact on cloud adoption, but the majority of those who did know felt that it was having an adverse effect.

 

Contracting procedures are also in a state of flux. Agencies are accustomed to paying a specified dollar amount for a specified service, and “pay as you go” is not part of that model.

This article excerpt, by Judith Lamont, Ph.D., originally appeared here: http://bit.ly/1rfQMKq