FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. This framework saves time and staff required to conduct redundant agency security assessments. For more information on FedRAMP, go to www.FedRAMP.gov.
What is FedRAMP High?
The FedRAMP High Baseline Requirements allow systems containing high-impact data to be authorized through FedRAMP. Previously, the FedRAMP authorization process was only designed for low and moderate impact systems; however, with the introduction of a high baseline, even more federal agencies will be able to move to the cloud.
These security requirements will be used to protect some of the government’s most sensitive, unclassified data in cloud computing environments. This release allows agencies to use cloud environments for high-impact data, including data that involves the protection of life and financial ruin.
Why is this such a big deal?
While 80% of federal information is categorized at low and moderate impact levels, this only represents about 50% of federal IT contracts. Now that FedRAMP has set the requirements for high impact levels, that breaks open the remaining 50% of the $80 billion a year the US Government spends on IT that could potentially move to the cloud securely. That’s huge!