How FedRAMP helps prevent the next security breach—in both public and commercial organizations
In late July 2019, Louisiana’s parish school system became the latest public sector network to suffer a security breach. With the number of attacks on government agencies rising—CNN reports more than 22 so far this year—this may be a good moment to review the wide-ranging benefits of the Federal Risk Assessment and Management Program (FedRAMP) for government and commercial entities.
FedRAMP assesses and authorizes Cloud Service Providers (CSPs) that adhere to a strict set of continuously monitored security controls. The program’s goal is to protect Federal data, but more and more non-Federal agencies and businesses are looking to the FedRAMP marketplace for cloud solutions.
A surge in cloud migration adds urgency
Spurred by compliance requirements and directives like the newly released Cloud Smart policy, cloud migration among Federal agencies is taking place at a striking pace. In June 2019, the Pentagon announced it would prioritize cloud spending in its $46-billion IT budget. And a new Federal Cloud Information Center aims to guide other departments and agencies in their journey to the cloud.
Industries are rapidly following suit. BCC Research puts the cloud spend in healthcare at $35 billion by 2022, and a recent poll of industry executives by The Economist’s Intelligence Unit showed that 89% of manufacturers believe cloud technologies will be an important part of the digital manufacturing supply chain in a year.
Reciprocity speeds the process and saves money
For entities within the 16 critical infrastructure industries, partnering with a FedRAMP-authorized CSP eliminates the need to go through a lengthy authorization process for each product or service. FedRAMP’s do-once-use-many process also saves time and money for highly-regulated industries like healthcare, banking, and utilities, all of which interact with sensitive Federal data. Some CSPs have architected operating systems and application bundles that are both FedRAMP-authorized and industry-specific, so cloud migration can be quick and complete.
Security controls boost confidence
The workforce, consumers, constituents, and regulators are all pushing organizations to enhance the security of their data. When an agency or enterprise migrates to the cloud using a FedRAMP-authorized CSP, they inherit a tested, trusted security posture. Products in the FedRAMP marketplace have already met hundreds of security controls. They are continuously monitored for vulnerabilities, and contingency and recovery plans are transparent. That means any organization that uses FedRAMP-authorized CSPs and cloud solutions benefits from the same high-security standards as Federal agencies.
FedRAMP clears a safe path to innovation
Artificial intelligence, machine learning, and IoT have the potential to transform agency missions and drive business success—but cloud migration is a necessary first move. FedRAMP-authorized CSPs and cloud solutions give organizations a map to securely adopting and integrating transformative technologies. FedRAMP authorization ensures that every layer of an organization’s IT structure—from the operating system to industry-specific applications to data analytics—is continuously monitored and assessed. Innovations can be quickly integrated into a secure architecture.
FedRAMP’s mission is to keep Federal data and U.S. citizens safe in an environment of ever-escalating threats. State and local governments and commercial enterprises can leverage the program’s stringent authorization process to increase security, confidence, and innovation in their own cloud strategies.
Learn more about Infor's FedRAMP platform.
- Security & Compliance
- Banking and Financial Services
- Federal Government
- Industrial Manufacturing
- Public Sector
- State and Local Government
- North America