By Bob Brewin // November 4, 2014
The Defense Information Systems Agency currently offers its military customers certified cloud computing services from three vendors and has another seven under assessment for compliance with governmentwide security standards, top agency officials told Nextgov.
FedRAMP reviews aim to speed the adoption of cloud deployments across government by allowing cloud services to be vetted once – at a particular security level – and then deployed by a multitude of agencies. Agencies must comply with FedRAMP as a matter of federal policy.
But as noted in a recent review from the Council of Inspectors General on Integrity and Efficiency, neither the FedRAMP program office nor the Joint Authorization Board -- made up of the chief information officers of General Services Administration and the departments of Defense and Homeland Security -- can force agencies to comply with FedRAMP.
The report identified 348 federal commercial cloud contracts with a value of $12 billion as of fiscal 2014. But it did not identify specific agencies that failed to meet certification requirements.
Mark S. Orndorff, the mission assurance executive for the Defense Information Systems Agency, said three commercial cloud services are currently available to DOD users: Autonomic Resources, CGI Federal and Amazon Web Services.
Assessments of FedRAMP-compliant offerings from providers ...