Reading the Clouds: FedRAMP Adoption Stats

FedRAMP federal cloud mandatesWith cloud mandates well established and programs like FedRAMP designed to make the move to cloud easier, where is the government in terms of cloud adoption? Carahsoft and our partners VMware and Carpathia looked to find out just that. Fierce Government IT and Market Connections reached out to over 200 federal employees involved in technology solutions. The aim of this research was to determine how well agencies understood the Federal Risk Authorization Management Program (FedRAMP) and how it impacted their cloud implementations.

An interesting conflict was uncovered with the research: more than half of respondents (66%) said that cloud computing is essential to their organization’s operations, yet only 30% said that they have the right in-house expertise between IT and procurement staff to effectively buy a cloud service. This means about 30% of people who deem cloud critical don’t feel like they can procure the technology. More, it suggests that agencies are looking to partner with a “broker” who can help determine the right solution and the right way to get it.

Adding more to the support issues already at hand, the report also revealed that security is still raised at the number one barrier to moving to cloud. But, while important, cyber security concerns should not be the roadblock that many consider it. DoD CIO, Terry Halvorsen recently said that data, like food, should come with an expiration date. At a point, is loses the value it once had and no longer needs the level of security originally applied.

Finally, the report also revealed more about structural and cultural issues with cloud adoption. The cultural barriers to the move to cloud are not at the IT worker level, mainly referring to people often referred to as server huggers, but rather higher up in the organization. The IT workforce is far more bullish on moving to the cloud than are their managers and executives.

FedRAMP was developed to mitigate many of these problems –clearing solutions for a standard level of security and easing the procurement time, but at present, the program is not working perfectly. While 82% of federal cloud implementations are going through the FedRAMP approval process, workers are frustrated with the pace of their individual procurements. 44% said that the Joint Authorization Board (JAB) takes too long to approve cloud services; FedRAMP is addressing the delay in approval with better education of vendors and agencies alike as to what documentation is needed for an ATO. Additionally, the group is looking for funding to build an automated tool to speed up the approval process.

Carahsoft is proud to partner with a number of vendors who have FedRAMP-approved products. These cloud solutions meet the strict security needs of government and provide interoperability with legacy systems that today’s agencies require.

Related Articles