New Compliant CSPs!
The FedRAMP PMO is excited to announce five new systems, including a JAB Authorization and two FedRAMP Ready systems!
|[General Dynamics Information Technology (GDIT)](https://www.fedramp.gov/marketplace/compliant-systems/gdit-omni-cloud/) received a JAB Authorization on January 8, 2016 for its Omni Cloud. The OMNI Cloud information system is delivered as an IaaS offering using a multi-tenant Government Community Cloud computing environment that is owned/leased and operated by GDIT and hosted in GDIT leased Data Centers located in the continental United States.|
|[Copt LLC Powered by VAZATA](https://www.fedramp.gov/marketplace/compliant-systems/copt-connect-llc-powered-by-vazata-virtual-federal-image/)received a JAB Authorization on January 8, 2016 for its Virtual Federal Image (VFI). The COPT Connect, LLC powered by VAZATA’s VFI is delivered as an Infrastructure-as-a-Service (IaaS) offering using a multi-tenant community cloud computing environment. COPT/VAZATA offers a simple, yet secure, IaaS environment with a robust IPS/IDS security border and best-in-class firewall, switching infrastructure, compute and storage devices.|
|[Google Services](https://www.fedramp.gov/marketplace/compliant-systems/google-google-services/) is now FedRAMP Compliant and earned an Agency Authorization from the General Services Administration.** Google Services is comprised of Google’s multi-tenant public and hybrid Google Apps cloud instances and multi-tenant public cloud Google App Engine. These services are built atop the Google Common Infrastructure|
|[Decision Lens](https://www.fedramp.gov/marketplace/compliant-systems/decision-lens-inc-decision-lens-software/) is now FedRAMP Compliant and earned an Agency Authorization from the Department of Health of Human Services (HHS).The Decision Lens Software is a cloud-based prioritization and resource optimization software solution. This cloud-based software, which is hosted on the FedRAMP-authorized Amazon Web Services (AWS) Infrastructure as a Service (IaaS), rapidly engages decision-makers to achieve better outcomes in a resource-constrained environment|
|[Netcomm](https://www.fedramp.gov/marketplace/compliant-systems/netcomm-beacon/) is now FedRAMP Compliant and earned an Agency Authorization from the Department of Health and Human Services (HHS). NetComm offers a variety of cloud-based services through Beacon, NetComm’s data analytics toolset that allows users to create customized dashboards tailored to an organization’s or agency’s particular needs. Beacon leverages the Amazon Web Services GovCloud region FedRAMP moderate cloud Infrastructure as a Service (IaaS).|
|[Softlayer](https://www.fedramp.gov/marketplace/compliant-systems/softlayer-softlayer-federal-cloud-sfc/) is now FedRAMP Compliant and earned an Agency Authorization from the Federal Communications Commission (FCC). The SoftLayer Federal Cloud (SFC) is a high performance, high security, Infrastructure-as-a-Service Cloud provided by SoftLayer Technologies, Inc. SFC makes use of a unique managed and automated cloud service provider architecture layer (a multi-faceted Infrastructure-as-a-Service (IaaS) Cloud) that provides a variety of cloud-based services.|
|Unisys is now FedRAMP Ready for both their [Edge for Government](https://www.fedramp.gov/marketplace/fedramp-ready-systems/unisys-unisys-edge-for-government/) and [Secure Private Cloud for Government](https://www.fedramp.gov/marketplace/fedramp-ready-systems/unisys-unisys-spcg-secure-private-cloud-for-government/) Edge features a SaaS based ITSM core at the nucleus of its flexible Service Management Framework. Combined with additional cloud-based service options, Edge ensures rapid deployment and no-hassle integration with existing investments. Secure Private Cloud for Government (SPCG) allows Unisys clients to deploy onto the federal cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the SPCG into the federal cloud infrastructure.|
FedRamp now has 24 JAB P-ATOs and 53 FedRAMP Compliant CSP systems! A complete list of all FedRAMP Compliant CSPs can be viewed here
Feature Item: The Evolution of FedRAMP
As we approached our fourth year of helping agencies secure the cloud solutions they use, we here at FedRAMP undertook a comprehensive outreach effort to learn as much as possible about how we’re meeting your needs. In response to your feedback, we’re shifting our efforts to scale the things we’re doing well, and we’re also working to improve the areas you’d like to see changed.
Reader Submission from Jeffrey Widom
This month, the PMO features a column from Lunarline’s Jeffrey Widom. He presents some common topics Cloud Service Provider’s (CSPs) have faced when deciding to pursue a FedRAMP Authorization.
Is the FedRAMP JAB P-ATO considered the “highest level” of FedRAMP compliance?
Each FedRAMP path is valid. The JAB, Agency, CSP-Supplied paths have the same content and must meet the same stringent FedRAMP PMO requirements for entry into the repository. The primary difference is continuous monitoring and risk management.
FedRAMP’s Agency Evangelist is coming to a Federal agency near you!
Ashley Mahan is leading a focused outreach effort to identify agency leads who will coordinate cross-government use of FedRAMP. Ashley will visit with each agency within the Executive Branch as well as a number of other agencies and state-governments. This is each agency’s chance to speak directly with the PMO about their experience with the FedRAMP process and provide feedback and potential improvements.
FedRAMP in the News:
Cloud security program pilot’s try to lessen growing pains(Federal News Radio)
FedRAMP high baseline will be finalized after pilot wraps (Federal Times)
General Dynamics obtains FedRAMP approval cloud IT platform (ExecutiveBiz)
Cloud gets boost on the Hill from the Healthcare.gov effect (Federal News Radio)