USDA gets FedRAMP nod

The Department of Agriculture is the first federal agency to achieve provisional compliance with the Federal Risk and Authorization Management Program (FedRAMP), meaning its private cloud meets the federal government's standardized approach to cloud security assessments.

While the USDA's National Information Technology Center (NITC) is a federally owned cloud service provider that provides infrastructure-as-a-service exclusively for use by local, state and federal systems, it had to meet the same rigorous FedRAMP requirements as private-sector cloud providers before giving itself authority to operate (ATO) on June 24.

NITC is the sixth provider to achieve compliance, joining HP, Lockheed Martin, Autonomic Resources, CGI Federal and Amazon Web Services. The agency was aided through the FedRAMP requirement process by COACT, Inc., one of 20 accredited third-party assessment organizations (3PAOs).

That USDA's cloud offering was able achieve FedRAMP certification highlights the diverse profiles of cloud service providers in the pipeline, despite some critics who argue the process is too lengthy. An official from the General Services Administration said to expect a "steady rollout of new services" through the FedRAMP process over the summer.