How the Federal Government Is Implementing Cloud Security

May 5, 2020 Blog

This article was originally published on Leidos.com.

Although cloud technology has become the gold standard in the private sector, it has had a long road to implementation in the government space. In 2011, the White House introduced the “Cloud First” policy, an initiative to unleash the potential and accelerate the adoption of cloud computing for government agencies. Unfortunately, the ease and efficiency of cloud computing for data storage and information sharing brought with it unique and unfamiliar security concerns. As more federal government agencies began adopting cloud technology, there quickly grew a need to create new security standards for the government vendors providing this technology.

With the introduction of cloud technology, the federal government needed a way to standardize an easily replicated verifiable process that was applicable across government agencies. Hence, the General Services Administration (GSA) founded the Federal Risk and Authorization Management Program (FedRAMP) in 2012.

The role of FedRAMP

FedRAMP oversees the authorization process of cloud technology providers by creating a standardized procedure to ensure the security of cloud offerings to the federal government through a series of in-depth tests with a sponsoring agency, a Third Party Assessment Organization (3PAO), and the GSA itself.

The FedRAMP security verification process puts the onus on the government vendor to revise and improve their cloud offering, streamlining the adoption process for federal agencies. After months of rigorous security testing, successful cloud offerings are posted to the FedRAMP marketplace where government agencies can confidently and cost-effectively adopt verified, configurable cloud-based technology.

Secure, efficient, and cost-effective cloud security

FedRAMP operates by the motto, "Do once, use many times," meaning that once a cloud technology is FedRAMP authorized and implemented, other government agencies can adopt that cloud technology with an existing FedRAMP authorization at a greatly reduced cost. Therefore, government agencies can confidently implement secure, efficient, and cost effective cloud computing technology with ease, allowing them to focus existing time and budget on mission achievement.

What’s next?

As an update to the previous administration’s “Cloud First” policy, the current White House administration created the “Cloud Smart” initiative in 2018. “Cloud Smart” takes its predecessor’s policy a step further by providing strategies for federal agencies to secure cloud computing services. As more government agencies enter the world of cloud technology, the field of government IT security continues to evolve.

Leidos now offers FedRAMP authorized CRM

In July of this year Leidos’ Constituent Relationship Management (CRM) system Intranet Quorum (IQ) was authorized under FedRAMP and is now available on the FedRAMP marketplace as IQ FedCloud. IQ is the No. 1 CRM designed specifically for the public sector to help government organizations connect with their constituents, manage service requests, and streamline complex business processes. For more than 20 years, Leidos’ IQ CRM has serviced countless users and is now trusted by 65 percent of Congress, 50 percent of U.S. Governors, and more than 100 federal, state, and local agencies.

As a world-renowned provider of government services and technology, Leidos is committed to providing innovative technology solutions with uncompromising security standards to the federal government for many years to come.

If you’re a federal agency looking to modernize internal processes with cloud computing, then contact us to talk about IQ, the leading CRM in the public sector now available on a FedRAMP authorized environment.