Over the last 10 years, cloud computing has moved from a novel approach to delivering technical capabilities to a utilitarian fact of every government IT architecture. The Federal Risk and Authorization Management Program (FedRAMP) opened the door for wider adoption of cloud by putting in place security standards that solutions must meet to be used in the government. As cloud technology and its use in government has evolved it only makes sense that FedRAMP evolves as well with reforms to the program passed as part of the 2022 National Defense Authorization Act.
Ramping up FedRAMP
Reforms were developed to make the FedRAMP process more efficient so that needed cloud technologies could get into the government market faster. Specific reforms include a “presumption of adequacy” clause, which would allow FedRAMP-authorized tools to be used in an agency without additional oversight or verification from that agency. It also ensures that FedRAMP has a board to enhance and speed up the program and creates a separate cloud advisory committee with members from cloud services companies.
Cloud Goes Global
Beyond legislative policy changes, the way cloud is procured and used is shifting across government. With cloud being relatively commonplace in U.S.-based DoD organizations, the Defense Information Systems Agency (DISA) is looking to extend cloud usage outside the continental United States. A project named “Stratus” created a private classified cloud to serve organizations under U.S. Indo-Pacific Command. The goal is to deliver the same compute power available at HQ offices to people in theater.
Buying the Cloud
Agencies are also evolving in the way they look at procuring cloud. The Department of Homeland Security (DHS) had proposed issuing a 10-year, indefinite delivery, indefinite quantity contract vehicle known as Enterprise Cloud Infrastructure Provider Suite (ECLIPS) but has put it on hold. In developing ECLIPS, DHS looked at the Data Center and Cloud Optimization Support Services and the general transition to the Enterprise Infrastructure Solutions telecommunications contract as existing ways to expand the Department’s use of cloud without introducing yet another vehicle. ECLIPS is not completely shelved. The agency is looking for ways to use it to meet the constantly evolving cloud needs, including the use of hybrid cloud solutions.
These resources from GovWhitePapers and GovEvents are helpful tools for navigating the shifts in cloud procurement and adoption.
- Multi-Cloud and Hybrid Cloud Adoption in Government (white paper) – Hybrid and multi-cloud initiatives in the public sector occur through data center consolidation, cloud initiatives, or expanding vendor pools and business opportunities. Read insights, suggestions, and feedback from government experts about the state of cloud adoption across the Federal Government and the challenges and successes of moving from a “commodity purchasing” to a “people and process” mindset.
- Guide to a Secure Enterprise Network Landscape (white paper) – Access to multiple cloud services, the geographic spread of enterprise Information Technology (IT) resources, and the emergence of microservices-based applications have all changed the enterprise network landscape significantly. This paper provides secure operations guidance for this new enterprise network landscape.
- Cloud Modernization: From Fragmented Identity to a Unified Cloud (white paper) – Federal agencies have worked diligently to maintain high levels of security across networks. But as technology advances, agencies continue to face challenges with outdated and siloed identity and access management. Read highlights from a roundtable discussion with Federal IT experts about ways agencies can modernize cloud operations and ICAM management without compromising security.
- 11th Annual 930gov (September 6, 2023; Washington. DC) – This event brings government technical communities together to connect, exchange, and gather ideas from subject matter experts from multiple disciplines. Attendees will hear thought leaders present best practices, case study findings, and potential solutions to their current IT challenges, including cloud.
- Cyber Solutions Fest 2023: Cloud Security (October 27, 2023; webcast) – Leading solution providers and practitioners will highlight the newest techniques and technologies that organizations of all types and sizes are leveraging to better secure and manage their cloud services and environments.
Learn more about government cloud adoption with additional resources on GovWhitePapers and GovEvents.
