Cookies help us display personalized product recommendations and ensure you have great shopping experience.

Data Management

Are Government Agencies Complying with FedRAMP?

CloudWedge
CloudWedge
2 Min Read

United States Capitol Building, The National Mall, Washington, DC

United States Capitol Building, The National Mall, Washington, DC

FedRAMP is the much politicized cloud initiative in which cloud vendors must satisfy certain requirements in order to be considered for federal cloud projects. CIO.gov mentions that FedRAMP provides a “Standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.”

Inspector generals at nearly 20 US federal government agencies have concluded that cloud services outside of FedRAMP approved services are being utilized within the government agencies that they audited. This past summer, the US government imposed a deadline for FedRAMP vendor’s approval and many agencies seemed to have overlooked the deadline and went forward with their cloud endeavors anyways. A report a NextGov mentions that the agencies will face little to no consequences for bypassing this deadline.

More Read

Forrester: Companies That Don’t Integrate Social Data Fail in the Age of the Customer
Comments on the Nine Laws of Data Mining
GDPR: After 25th May, What Medium And Long Term Actions?
Connecting Data Governance to Business Outcomes That Matter
Top BI Dashboard Design and Delivery Worst Practices

The report filed by an inspector general blasted government agencies for not adhering to FedRAMP saying, “The failure of the cloud system to address and meet FedRAMP security controls increases the risk that federal program data may be compromised, intercepted or lost, which could expose the data to unauthorized parties.” The audit findings show an even bigger problem in government IT. The auditors concluded that the missed deadlines and non-approved systems being used are a direct result of a lack of leadership within the agencies IT departments. The report at NextGov does not begin to name specific agencies and their report concludes that the auditing agency neither “has the authority to enforce FedRAMP compliance within the individual agencies.” The report goes on to say that “there is no discernable penalty for noncompliance and no singular governing body with the authority to enforce compliance.”

The report published by the inspector generals and NextGov is alarming for American citizens. From both an information security perspective as well as a “Bang for your tax dollars” perspective, the auditor’s findings conclude that the risks found also “increases the risk that agencies could misspend or ineffectively use government funds.”

TAGGED:
Share This Article

Follow us on Facebook

Latest News

cloud dataops for metering
Taming the IoT Firehose: How Utilities Are Scaling Cloud DataOps for Smart Metering
Cloud Computing Exclusive Internet of Things IT
ai in video game development
Machine Learning Is Changing iGaming Software Development
Exclusive Machine Learning News
media monitoring
Signals In The Noise: Using Media Monitoring To Manage Negative Publicity
Analytics Exclusive Infographic
data=driven approach
Turning Dead Zones Into Data-Driven Opportunities In Retail Spaces
Big Data Exclusive Infographic

Stay Connected

You Might also Like