The Security and Compliance Experts
Sales: 855-623-8329

FedRAMP Cloud

The FedRAMP Cloud Has Arrived

The Federal Risk and Authorization Management Program (FedRAMP) has recently taken a central role in the federal procurement process for cloud computing services. The goal of the program is to eliminate redundant agency security assessments with a "do once, use many times" framework for certifying cloud services for federal use, thereby saving time and money.

How the FedRAMP Cloud Program Works

Any cloud service provider (CSP) that wants their cloud to be certified as a FedRAMP cloud must go through the FedRAMP assessment program. To have a cloud approved as a FedRAMP cloud, CSPs must undergo assessment by an approved third party assessment organization (3PAO) to demonstrate compliance with FedRAMP information security standards. FedRAMP security standards are essentially the same standards previously mandated under the Federal Information Security Management Act (FISMA), with the addition of certain cloud-specific requirements.

Based on the assessment, the FedRAMP Joint Authorization Board can issue a "provisional authorization" to the cloud service. Federal agencies can then leverage this provisional authorization to more quickly and efficiently issue a final authorization to operate (ATO) in compliance with FISMA requirements.

FISMA security requirements pre-date the FedRAMP program, and there are currently FISMA cloud computing services that were previously assessed and authorized by individual federal agencies in compliance with FISMA, but have not yet undergone the FedRAMP assessment process. Within its processing queue, the FedRAMP program is prioritizing existing FISMA cloud deployments operating under ATOs issued by individual agencies. Once an existing FISMA cloud becomes approved as a FedRAMP cloud, other federal agencies can more easily use that cloud.

The FedRAMP cloud program is still in its early stages but is expected to pick up speed in 2013.

Layered Tech: The FISMA Compliant Hosting Experts

Layered Tech's FISMA compliant managed hosting services are used by more than half of the cabinet-level federal agencies, including the Departments of Energy, Justice, and Treasury. For a decade, federal agencies and their solution vendors have counted on Layered Tech to architect, implement, and manage scalable IT solutions that maintain strict FISMA compliance year after year.

With our network of FISMA compliant data center facilities and our deep experience in cloud service design and delivery, Layered Tech is well positioned to be among the early cloud infrastructure providers to go through the FedRAMP cloud certification process. Cloud SaaS and PaaS vendors who use Layered Tech's hosting services will have a competitive edge in selling to federal customers.

Learn more about Layered Tech's FISMA compliant solutions.

Need Help Narrowing the Choices?

Talk to a FISMA Expert about Customizing Your Services

I need:
We respect your privacy No spam
You'll hear from us within 1 business day
Live Chat Contact Us

Get a Free Call with a FISMA Compliance Expert

I need:
No spam We respect your privacy
You'll hear from us within 1 business day
* Required