Cookies help us display personalized product recommendations and ensure you have great shopping experience.

Data Management

Are Government Agencies Complying with FedRAMP?

CloudWedge
CloudWedge
2 Min Read

United States Capitol Building, The National Mall, Washington, DC

United States Capitol Building, The National Mall, Washington, DC

FedRAMP is the much politicized cloud initiative in which cloud vendors must satisfy certain requirements in order to be considered for federal cloud projects. CIO.gov mentions that FedRAMP provides a “Standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.”

Inspector generals at nearly 20 US federal government agencies have concluded that cloud services outside of FedRAMP approved services are being utilized within the government agencies that they audited. This past summer, the US government imposed a deadline for FedRAMP vendor’s approval and many agencies seemed to have overlooked the deadline and went forward with their cloud endeavors anyways. A report a NextGov mentions that the agencies will face little to no consequences for bypassing this deadline.

More Read

trusted data management
The Future of Trusted Data Management: Striking a Balance between AI and Human Collaboration
Managing By the Numbers: Penny Wise, Pound Foolish?
Understanding the Evolution from Relationship Databases to Semantic Graph Databases
The Perils of Forecasting Benchmarks
Big Data and Business Intuition Work Together

The report filed by an inspector general blasted government agencies for not adhering to FedRAMP saying, “The failure of the cloud system to address and meet FedRAMP security controls increases the risk that federal program data may be compromised, intercepted or lost, which could expose the data to unauthorized parties.” The audit findings show an even bigger problem in government IT. The auditors concluded that the missed deadlines and non-approved systems being used are a direct result of a lack of leadership within the agencies IT departments. The report at NextGov does not begin to name specific agencies and their report concludes that the auditing agency neither “has the authority to enforce FedRAMP compliance within the individual agencies.” The report goes on to say that “there is no discernable penalty for noncompliance and no singular governing body with the authority to enforce compliance.”

The report published by the inspector generals and NextGov is alarming for American citizens. From both an information security perspective as well as a “Bang for your tax dollars” perspective, the auditor’s findings conclude that the risks found also “increases the risk that agencies could misspend or ineffectively use government funds.”

TAGGED:
Share This Article

Follow us on Facebook

Latest News

ai in business
Recurring Revenue Strategies for the AI Business Era
Artificial Intelligence Exclusive
ai for playground safety
Using Data to Plan Safer, More Efficient Public Playgrounds
Big Data Exclusive
AI for cybersecurity
How AI Supports Modern Penetration Testing
Artificial Intelligence Exclusive
ai kids and their parents
How Cities Use AI to Improve Playground Design
Exclusive News

Stay Connected

You Might also Like