Cookies help us display personalized product recommendations and ensure you have great shopping experience.

Data Management

Are Government Agencies Complying with FedRAMP?

CloudWedge
CloudWedge
2 Min Read

United States Capitol Building, The National Mall, Washington, DC

United States Capitol Building, The National Mall, Washington, DC

FedRAMP is the much politicized cloud initiative in which cloud vendors must satisfy certain requirements in order to be considered for federal cloud projects. CIO.gov mentions that FedRAMP provides a “Standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.”

Inspector generals at nearly 20 US federal government agencies have concluded that cloud services outside of FedRAMP approved services are being utilized within the government agencies that they audited. This past summer, the US government imposed a deadline for FedRAMP vendor’s approval and many agencies seemed to have overlooked the deadline and went forward with their cloud endeavors anyways. A report a NextGov mentions that the agencies will face little to no consequences for bypassing this deadline.

More Read

gamifying decision making
Turning Decision Making Into a Game
GDPR: After 25th May, What Medium And Long Term Actions?
The Coming Wave of Innovation from Open Geographic Information
How Big Data Will Change People Management Forever
Big Data and Crowdsourcing in Humanitarian Crisis Mapping

The report filed by an inspector general blasted government agencies for not adhering to FedRAMP saying, “The failure of the cloud system to address and meet FedRAMP security controls increases the risk that federal program data may be compromised, intercepted or lost, which could expose the data to unauthorized parties.” The audit findings show an even bigger problem in government IT. The auditors concluded that the missed deadlines and non-approved systems being used are a direct result of a lack of leadership within the agencies IT departments. The report at NextGov does not begin to name specific agencies and their report concludes that the auditing agency neither “has the authority to enforce FedRAMP compliance within the individual agencies.” The report goes on to say that “there is no discernable penalty for noncompliance and no singular governing body with the authority to enforce compliance.”

The report published by the inspector generals and NextGov is alarming for American citizens. From both an information security perspective as well as a “Bang for your tax dollars” perspective, the auditor’s findings conclude that the risks found also “increases the risk that agencies could misspend or ineffectively use government funds.”

TAGGED:
Share This Article

Follow us on Facebook

Latest News

mobile device farm
How Mobile Device Farms Strengthen Big Data Workflows
Big Data Exclusive
composable analytics
How Composable Analytics Unlocks Modular Agility for Data Teams
Analytics Big Data Exclusive
fintech startups
Why Fintech Start-Ups Struggle To Secure The Funding They Need
Infographic News
edge networks in manufacturing
Edge Infrastructure Strategies for Data-Driven Manufacturers
Big Data Exclusive

Stay Connected

You Might also Like