GSA’s FedRAMP celebrates 10 Years of Impact on Cloud Security
Post filed in: FedRAMP
Today, the Federal Risk and Authorization Management Program (FedRAMP) celebrates its 10-year anniversary. On December 8, 2011, the Office of Management and Budget (OMB) signed a memo establishing FedRAMP to provide a cost-effective, risk-based approach for the adoption and use of cloud services.
This landmark reflects GSA and FedRAMP’s commitment to protecting public and federal information through supporting IT modernization and securing IT infrastructure. Over the past ten years, the program has seen an incredible increase in the adoption of FedRAMP authorized services and will play a critical role in improving the nation’s cybersecurity.
Ten years later, agencies are able to leverage a variety of cloud technologies that provide benefits, such as remote access, scalability, collaboration, efficiency, and many more secure cloud products that are critical to many agencies’ IT modernization efforts.
“Through partnership with government and industry, FedRAMP has been able to reduce duplicative efforts, inconsistencies, and cost efficiencies through a risk-based approach for the adoption and use of cloud services by the federal government,” said Brian Conrad, acting FedRAMP director. “The program’s growth has even greater urgency given the continued demand for secure cloud technology and the need to work remotely.“
One Year After Program Was Founded: 2012 |
Today: 2021 |
1 authorized Cloud Service Provider (CSP) |
280 authorized CSPs |
0 reuse of a FedRAMP Authorized Cloud Service Offering (CSO) |
3,000 + cloud products reused by government agencies |
1 baseline for cloud authorizations: FedRAMP Low/Moderate |
4 baselines in response to stakeholder needs and feedback: FedRAMP Low, FedRAMP Moderate, FedRAMP High, FedRAMP Tailored |
3 JAB agencies (DoD, DHS, GSA) initially engaged |
180+ participating agencies |
0 training participants |
75,000 + training participants |
Looking ahead, FedRAMP will continue to evolve and work to modernize FedRAMP through automation and business process improvements to grow and scale the program, while enhancing the experience of agencies and industry. Additionally, the program will continue to use various engagement channels to connect with stakeholders to exchange information, share learnings, and listen to feedback on the program.
To learn more about FedRAMP’s accomplishments over the past 10 years, visit the Focus on FedRAMP blog.