Cookies help us display personalized product recommendations and ensure you have great shopping experience.

Data Management

Are Government Agencies Complying with FedRAMP?

CloudWedge
CloudWedge
2 Min Read

United States Capitol Building, The National Mall, Washington, DC

United States Capitol Building, The National Mall, Washington, DC

FedRAMP is the much politicized cloud initiative in which cloud vendors must satisfy certain requirements in order to be considered for federal cloud projects. CIO.gov mentions that FedRAMP provides a “Standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.”

Inspector generals at nearly 20 US federal government agencies have concluded that cloud services outside of FedRAMP approved services are being utilized within the government agencies that they audited. This past summer, the US government imposed a deadline for FedRAMP vendor’s approval and many agencies seemed to have overlooked the deadline and went forward with their cloud endeavors anyways. A report a NextGov mentions that the agencies will face little to no consequences for bypassing this deadline.

More Read

Of Black Swans and Taking Showers
5 Ways Hadoop Can Help Healthcare Organizations and You
Technology Project Nightmares
What is Data Governance?
Data Science in the Mainstream

The report filed by an inspector general blasted government agencies for not adhering to FedRAMP saying, “The failure of the cloud system to address and meet FedRAMP security controls increases the risk that federal program data may be compromised, intercepted or lost, which could expose the data to unauthorized parties.” The audit findings show an even bigger problem in government IT. The auditors concluded that the missed deadlines and non-approved systems being used are a direct result of a lack of leadership within the agencies IT departments. The report at NextGov does not begin to name specific agencies and their report concludes that the auditing agency neither “has the authority to enforce FedRAMP compliance within the individual agencies.” The report goes on to say that “there is no discernable penalty for noncompliance and no singular governing body with the authority to enforce compliance.”

The report published by the inspector generals and NextGov is alarming for American citizens. From both an information security perspective as well as a “Bang for your tax dollars” perspective, the auditor’s findings conclude that the risks found also “increases the risk that agencies could misspend or ineffectively use government funds.”

TAGGED:
Share This Article

Follow us on Facebook

Latest News

protecting patient data
How to Protect Psychotherapy Data in a Digital Practice
Big Data Exclusive Security
data analytics
How Data Analytics Can Help You Construct A Financial Weather Map
Analytics Exclusive Infographic
AI use in payment methods
AI Shows How Payment Delays Disrupt Your Business
Artificial Intelligence Exclusive Infographic
financial analytics
Financial Analytics Shows The Hidden Cost Of Not Switching Systems
Analytics Exclusive Infographic

Stay Connected

You Might also Like