FedRAMP authorization stands as a critical goal for cloud service providers that want business with the U.S. federal government It was initiated in 2011 to make secure cloud services easier for federal agencies to adopt. This program brings a uniform methodology for security assessment, authorization, and ongoing monitoring of cloud services.
FedRAMP is overseen by the General Services Administration, and is now the only path for federal agencies to leverage cloud services, making it the critical path for every cloud service provider(CSP) and cloud service organization (CSO). For a provider to gain FedRAMP approval, they must demonstrate rigorous security policies, systems, and monitoring. This process demands a well-conceived and well-resourced approach as it spans from 10 to 18 months, and impacts policy, infrastructure, and security management.