The Federal Risk and Automation Management Program, commonly known as FedRAMP, was introduced in 2010 and signed into policy at the end of 2011 as a "standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services." In plain English, it provides a baseline for agencies to determine if a cloud solution is secure enough for them to use. Vendors get FedRAMP certified as a way to prove their solution is ready to plug and play into federal systems.
In recent years, cloud has moved from a curiosity for most agencies to a key part of IT infrastructure. With this change in cloud acceptance and use, FedRAMP has also started to evolve to meet today's needs. Last summer, Rep. Gerry Connolly introduced the FedRAMP Reform Act of 2018 as a more stringent enforcement of the use of FedRAMP guidance. Continue reading
From time to time GovEvents will come across information we feel our members and audience would benefit from. Here's something we wanted to share from Bob Gourley, Founder and CTO at Crucial Point LLC:
For the last decade enterprise architects have all known the importance of engineering continuous connectivity to cloud services. If you want to use the cloud you have to have a path to it.
For parts of the enterprise who may operate at the edge, where connectivity can be an issue, it has been hard to design solutions leveraging public clouds. Depending on the organization, edge users might have some mix of public cloud, private cloud, datacenter access and local compute, all complex and hardly optimized at all. Continue reading
For those of us in the government market, October is the time to break out the Happy New Year noisemakers and celebrate the new government fiscal year (GFY). Each August and September is a frantic race for agencies to spend their remaining budget, which poses opportunity but a lot of hard work for the vendors that want to earn some of this end-of-year shopping spree money. In recent years, the turning of the new fiscal year has also meant uncertainty. From shut downs to continuing resolutions, the switch from one year to the next has not been as smooth as flipping a calendar page.
A group of senators has come forth to raise concerns about this annual end-of-year frenzy. A recent report found that the last week of the fiscal year accounts for 12.3 percent of spending [on IT]. Numerous other reports over the years have found similar statistics. In 2017 this equated to $11 billion in the final week of the year -- almost five times more than the average weekly spending for that year. This spending happens because agencies are afraid if they do not use all the money they are allocated, their budgets will go down in the future. This group of senators, as well as others in government, are looking at options for reforming the system to eliminate the potential waste resulting from this fast spending. Continue reading
As cloud gains momentum as a platform for government IT, the one-size-fits-all solution is becoming obsolete. Government organizations require unique solutions to suit their specific needs, which is why understanding the cloud platform options is the first step to making the change to the cloud. Initially, there were public clouds hosted completely off government sites by a third party (like Google or Amazon Web Services). Then came private clouds, infrastructure and networks designed as a cloud but only available to a closed loop of individuals. Private clouds are hosted on-premise by the government entity they were built for. Now, there is a third type of cloud implementation that is proving to be the most popular and most attractive to government agencies - the hybrid cloud.
Hybrid infrastructures mean that some elements are hosted in a cloud (either public or private) while others are managed on-premise. There is a connection that allows all systems to work seamlessly. This set-up alleviates security concerns and helps organizations maintain tight control over critical applications.
Additionally, a hybrid environment helps avoid vendor lock-in. As agencies found with hardware, becoming an all "one vendor" shop has drawbacks. While going with a single IT vendor can have initial cost savings and economies of scale, in the long run, agencies grew frustrated when that one vendor could not innovate quick enough or provide the support they needed. Agencies are wary of falling into the same trap with cloud providers and look to spread out their applications across several platforms. This allows them to pick the cloud infrastructure that works best for that particular IT solution. There are hybrid cloud management tools that "abstract away many of the common features offered by different cloud providers" making it easier to manage multiple clouds. Continue reading
Around this same time last year we wrote about the federal government's focus on consolidating data centers for better IT efficiency. The Data Center Optimization Initiative (DCOI) that is driving changes across government has extended its deadlines for agency compliance. Originally, agencies were to meet a variety of consolidation, energy efficiency, and cost reduction goals by the end of calendar year 2018. With fewer than one in five Federal data center leaders saying that their data center was on track to meet their DCOI goals, an extension seemed inevitable. Now, agencies have until 2020 to install energy metering tools, use automated monitoring and operations, maximize floor space use in existing data centers, reduce data center costs by 25%, in addition to a number of other cost savings and efficiency goals.
In addition to DCOI, agencies are also looking to comply with the Modernizing Government Technology Act (MGT) that looks at government IT as a whole, incorporating data centers into the overall plans to modernize how government procures and uses technology for citizen service.
A third driver for modernizing the data center is the desire to do more with the data we have. No longer is a data center a place to store information, it is a place to interact with information. Continue reading