Agencies continue to move their data to the cloud, but increasing adoption of cloud applications outside of existing security programs like FedRAMP (the Federal Risk and Authorization Management Program) and the CIO’s office brings security concerns as well, a new report notes. […]

The FedRAMP program has provided more authorizations to software-as-a-service (SaaS) applications and reduced the time to authorization in the last three years of the program, according to an analysis of the program. […]

The House Appropriations Committee is putting pressure on the General Services Administration (GSA) to get agencies migrated over to the Enterprise Infrastructure Solutions (EIS) Contract, including a provision to push agencies to adopt the contract, as well as other IT oversight items for GSA. […]

The General Services Administration (GSA) faces a number of challenges for FY2019, including improving procurement metrics reporting through the Federal Acquisition Service (FAS), and in the area of agency cybersecurity, according to the GSA Office of Inspector General (OIG) semiannual report to Congress issued today. […]

A new report from ACT-IAC (American Council for Technology-Industry Advisory Council) finds that zero-trust technologies are available and lend themselves to incremental installation, but need support from the mission side of the agency for effective implementation. […]

Since FedRAMP introduced the Tailored baseline for Low-Impact Software-as-a-Service (Li-SaaS) in 2017, 11 cloud services at 10 Federal agencies – accounting for 25 percent of all services authorized in 2018 – have achieved Tailored authorizations which has allowed the project management office (PMO) to identify best practices for Cloud Service Providers (CSP) and agencies who may consider a FedRAMP Tailored authorization. […]

FedRAMP (the Federal Risk and Authorization Management Program) is looking to automation and reciprocity with industry standards in different sectors as it focuses on improvements in 2019, said Ashley Mahan, director of the FedRAMP Project Management Office (PMO), at FCW’s Cloud Summit today. […]

One of the major wrinkles to iron out in the Federal government’s move to the cloud has been security. Concerns regarding security have prompted some agencies to move cautiously, and the government to create whole programs dedicated to ensuring it. But cloud also provides some security advantages, which the Department of Defense (DoD) is taking advantage of to provide services to warfighters and small-business contractors. […]

A recent audit by the General Services Administration’s (GSA) Office of Inspector General found that GSA’s Federal Risk and Authorization Management Program (FedRAMP) Program Management Office (PMO) has not yet established an adequate structure to assist the Federal government with adoption of secure cloud services. […]

The Department of Homeland Security (DHS) released a request for information (RFI) on Tuesday asking for support in moving systems to the cloud, optimizing its remaining enterprise data center, and gathering comment on the department’s plan. The deadline to respond is March 20. […]

The General Services Administration (GSA) rescheduled its planned outreach to industry in looking for an automated solution that can help agencies conduct audits of Federal grant recipients. The new date for the virtual pre-demonstration conference is March 4, and industry demonstration days will be held on April 3 and April 5. […]

The FedRAMP Program Management Office (PMO) announced Thursday that Brian Conrad is joining the organization as the FedRAMP Program Manager for Strategy, Innovation, and Technology. […]

At MeriTalk’s FITARA Awards ceremony on Wednesday night, Rep. Gerry Connolly, D-Va., chairman of the House Oversight and Reform Committee’s Government Operations Subcommittee, offered his views on what Congress needs to tackle next in Federal IT, and previewed three likely pieces of legislation. […]

The House Oversight and Reform Committee announced the leadership and membership of its subcommittees on Tuesday, with Rep. Gerry Connolly, D-Va., as chairman of the Subcommittee on Government Operations, which will handle Federal IT oversight duties. Rep. Mark Meadows, R-N.C., will service as the subcommittee’s ranking member. […]

The Department of Labor on Dec. 27 released a request for information on a proposal for a new financial management system, with an eye towards a potential move to the cloud and data analytics capabilities. Responses are due by 11 AM on January 16. […]

Cloud security provider Zscaler announced today that it received FedRAMP (Federal Risk and Authorization Management Program) authority to operate (ATO) at the Moderate Impact Level for its Zscaler Internet Access-Government (ZIA-Government) solution–nearly coincident with the Office of Management and Budget’s release of a draft update of its Trusted Internet Connections (TIC) policy late Friday. […]

IT security provider Zscaler said this week it is one of four cloud service providers selected to pursue Joint Authorization Board (JAB) FedRAMP certification, at the High Impact level, through the FedRAMP Connect program. […]

Blockchain technology’s popularity has grown in recent years to full buzzword status, but government agencies are fine-tuning their use cases for the technology and picking their blockchain projects wisely, said Mark Fisk, partner in IBM Digital for Global Business Services. […]

The hype around cloud services in the Federal government could lead to substantial increases in adoption over the next year, according to new research conducted by MeriTalk. […]

CrowdStrike announced Thursday that it received an agency FedRAMP authorization which it said will allow the company “to significantly expand its footprint in the Federal government to meet demand from Federal agencies for its endpoint protection technologies.  […]

On the heels of Kelly Olson’s promotion to head the General Services Administration’s Technology and Transformation Services (TTS) organization (LINK to yesterday’s story), the agency is setting into motion a series of leadership changes impacting its FedRAMP operation, among others. […]

Zscaler announced today that its Zscaler Private Access-Government (ZPA-Government) application access platform received FedRAMP Moderate certification to sell across government. ZPA-Government, which received authority to operate by the Federal Communications Commission (FCC), is the first FedRAMP-approved zero trust remote access platform. […]

During an Aug. 8 webinar on VMware Cloud on AWS hosted by the Digital Government Institute, participants said that VMware and AWS are setting up a dedicated instance of the service called VMware Cloud on AWS GovCloud (US). This instance is intended to meet standards set by FedRAMP, the Defense Information Systems Agency (DISA), and the International Traffic in Arms Regulation (ITAR). […]

Agencies have 68 days remaining to achieve compliance with the Department of Homeland Security’s (DHS) binding operation directive (BOD) 18-01, which requires the active enforcement of the Domain Message Authentication, Reporting, and Conformance (DMARC) protocol. […]

Security in the cloud is a shared responsibility between cloud service providers (CSPs) and government organizations. CSPs provide agencies with a secure platform to operate on, but it is the responsibility of agency security leaders to ensure the applications that are being hosted have been hardened, according to security experts. […]

Rep. Gerry Connolly, D-Va., said today that he introduced legislation – the Federal Risk and Authorization Management Program (FedRAMP) Reform Act – which would codify the FedRAMP program in Federal law and address what the congressman said are shortcomings of the program, including the slow pace of implementing standardized practices and realizing efficiencies in the certification process. […]

During a General Services Administration (GSA) webinar on July 18, officials explained why Federal agencies should use GSA tools to move to the cloud, how agencies can utilize IT Schedule 70 to move to the cloud, and how to meet FedRAMP requirements. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Matt Goodrich, FedRAMP director, and Ashley Mahan, FedRAMP evangelist, addressed industry feedback to FedRAMP’s recently released authorization boundary guidance during a webinar today. […]

When government agencies plan a secure move to the cloud, they should look to existing guidelines and regulations to protect data, and look to established solutions to ease the move, said panelists at an FCW webinar on June 21. […]