Get Ready to Push Some Paper for Cloud Moves
January 12, 2012
A critical part of a fast-track strategy that allows agencies to digitally borrow each other's cloud security guarantees will not be available when the operation gets under way this summer, federal officials told Nextgov.
The mantra of the new effort, called the Federal Risk and Authorization Management Program, or FedRAMP, is "Do once; use many times," meaning a department can go through the arguably arduous process of authorizing a Web-based service and then many other departments can sponge off that work to deploy the tool more quickly. The General Services Administration, which manages the program, plans for the certifications to be accessible through a central online clearinghouse.
But there are fears that a database containing vulnerability assessments for the entire federal cloud could be an attractive target for hackers, GSA officials acknowledge.