The Federal Risk and Authorization Management Program (FedRAMP) is excited to release the FedRAMP High Baseline Requirements! The High Baseline is available on www.FedRAMP.gov. These security requirements will be used to protect some of the government’s most sensitive, unclassified data in cloud computing environments. This release allows agencies to use cloud environments for high-impact data, including data that involves the protection of life and financial ruin.
Why is this such a big deal? While 80% of Federal information is categorized at low and moderate impact levels, this only represents about 50% of Federal IT spend. Now that FedRAMP has set the requirements for high impact levels, that breaks open the remaining 50% of the $80 billion a year the US Government spends on IT that could potentially move to the cloud securely. That’s huge!
In addition to the High Baseline Requirements being released, the Joint Authorization Board has been busy piloting these requirements with vendors in order to ensure their practical applicability. So we are also excited to announce the Provisional Authorization of 3 vendors that meet the high baseline requirements and are ready for agencies to review and leverage:
CSRA / Autonomic Resources - ARC-P IaaS
Microsoft - Azure Government
Amazon Web Services - AWS GovCloud
We’ll be holding two webinars on Wednesday June 29 geared towards CSPs and 3PAOs as well as Agencies so each can know how these requirements affect you and how to take advantage of this major program addition. We’ll follow up with an announcement for those webinars individually in the next day or two!