A straightforward guide to DoD impact levels

  Business is booming in the cloud services market, and the federal government is leading the charge. According to Deltek, federal agencies awarded over $23 billion in cloud contracts in 2021 — a figure that’s likely to rise in the coming years.    Here’s the problem: While federal cloud spending is reaching an all-time high,…

Read more

How does codification change the FedRAMP program?

  How does codification change the FedRAMP program?   After repeated attempts to pass Congress, President Biden signed the FedRAMP Authorization Act on December 23, 2022, officially codifying the Federal Risk and Authorization Management Program (FedRAMP). As part of the Federal Cloud Computing Strategy, FedRAMP plays a key role in assessing and procuring cloud products…

Read more
FedRAMP Codified into law

Ultimate guide to FedRAMP compliance

The federal government spends billions of dollars every year on cloud computing. In fact, Deloitte research indicates that public sector cloud spending is increasing at a steady annual rate of 14.3%. At this pace, the United States will invest over $11 billion toward cloud computing in 2022 alone. At the same time, a number of…

Read more
Government IT Compliance

The future of government cloud compliance

Understanding the future of government cloud compliance   In 2018, nearly 79% of government IT spending was reserved for the maintenance of legacy systems, according to the IDC. But in the years since, more of those resources are being used to migrate workloads to the cloud.   Deloitte estimates that federal cloud spending has grown…

Read more

5 Benefits of Cloud Computing for Government Agencies

Federal, state and local governments have come a long way since the Office of Management and Budget introduced its “Cloud First” strategy in 2011. Although cloud adoption got off to a slow start, the public sector soon realized the potential of cutting-edge cloud computing.   According to Deloitte, federal cloud spending has increased at a…

Read more

You Failed your FedRAMP Assessment: Now What?

        As an independent software vendor (ISV), you’ve done all the right things in the commercial market. Customers love your product. Your product has a buzz in the industry. You carefully identify the public sector as your next target. All the meetings go well. You find a government project that’s hungry for…

Read more

The Federal Government ATO Process: A Guide for ISVs

Commercial independent software vendors (ISVs) who want to do business with the Department of Defense (DoD) and the federal government must meet strict security and compliance regulations by passing an Authority to Operate (ATO) process. The stakes are high for government IT security because sensitive and even top-secret data can be found in the government…

Read more

Senate Passed a Major Cybersecurity Legislation Requiring Incident Reporting

  On Tuesday, March 2, 2022, the Senate passed major cybersecurity legislation to force reporting of cyberattacks and ransomware. This risk-based approach appears to take into consideration federal officials’ warnings on the potential of Russian cyberattacks against the United States. While cyber incident reporting is now a “landmark” bill, cloud service providers managing security and…

Read more

Version (v1r4) of the DoD (CC SRG) Released

Today the Department of Defense released their latest version (v1r4) of the DoD Cloud Computing Security Requirements Guide (CC SRG).  The 351-page SRG includes a lot of renewed and modified guidance for DoD cloud solution providers.  Understanding when and how to implement this new guidance is important for all existing DoD deployments, but especially for…

Read more

Moving off milCloud?

The Defense Information Systems Agency is letting its milCloud 2.0 offering expire in May 2022.  The 89 DOD mission partners currently using milCloud will need to migrate their 4,500 workloads elsewhere by that date.  For Infrastructure-as-a-Service (IaaS), the mission partners will be able to leverage the Joint Warfighter Cloud Capability (JWCC) contract that DISA has…

Read more