Question

Why do cloud providers seek FEDRamp certification?

Answer

Many cloud providers look to become certified with FEDRamp, a federal cybersecurity program. The essential reason that so many companies want to get on board with FEDRamp certification is that this represents the major federal government standard in the U.S.

First of all, any company that does business with the federal government may need to be FEDRamp certified. That in itself is a compelling reason to get FEDRamp certification, but even companies that don’t serve federal government clients often want to achieve FEDRamp certification just to show private clients that they have that standard under their belt.

FEDRamp involves the use of cloud security assessments that help companies demonstrate competence in one of the most valuable aspects of their service – keeping client data safe. FEDRamp assesses risk management in specific ways, evaluating vulnerability scanning, providing audit and logging tools, and implementing different kinds of threat assessment. These aspects of the program make it a very important and relevant part of what many companies do to “improve their cloud capability” and provide high standards for securing data.

Other program goals involve real-time or near real-time data monitoring, consistent security implementations, and the general use of effective protocols to, again, demonstrate that a company has a handle on cybersecurity.

As some experts point out, FEDRamp allows federal agencies to more easily pick out cloud providers. For a cloud provider who is FEDRamp certified, that makes them a pre-approved provider who can get on the fast track for closing these kinds of contracts.

Related Terms

Justin Stoltzfus
Contributor

Justin Stoltzfus is an independent blogger and business consultant assisting a range of businesses in developing media solutions for new campaigns and ongoing operations. He is a graduate of James Madison University.Stoltzfus spent several years as a staffer at the Intelligencer Journal in Lancaster, Penn., before the merger of the city’s two daily newspapers in 2007. He also reported for the twin weekly newspapers in the area, the Ephrata Review and the Lititz Record.More recently, he has cultivated connections with various companies as an independent consultant, writer and trainer, collecting bylines in print and Web publications, and establishing a reputation…