David Egts, chief technologist for North America public sector at Red Hat, said he believes more companies will pursue Federal Risk and Authorization Management Program certification in calendar year 2020 as the process gets easier, Federal News Network reported Monday.
“FedRAMP is seen as a de facto standard for cloud security, not just as a standard within the federal government, but state and local agencies, as well as other companies that work with the federal government, and even other governments look at FedRAMP as being this gold seal of approval of due diligence has been done, a third party has looked at it,” Egts said.
He called on agencies to have a cloud exit strategy and data management plan in place before they start their move to the cloud.
Other trends Egts cited are the agencies’ recognition of multicloud as part of their cloud strategies; automation of infrastructure driven by agencies’ adoption of the Department of Homeland Security’s Continuous Diagnostics and Mitigation program; and the need for agencies to focus on processes and people.
“Establishing guiding principles at the top and empowering employees at all levels is the only way for agencies to scale as agency expectations go higher and higher and technologies move faster and faster,” he added.