The General Services Administration announced today the Federal Risk and Authorization Management Program, or FedRAMP, has issued two new provisional cloud security authorizations.
The Joint Authorization Board for FedRAMP, composed of the chief information officers from GSA and the departments of Defense and Homeland Security, awarded the provisional authorizations to HP and Lockheed Martin.
“These two new Joint Authorization Board provisional authorizations continue to demonstrate the viability of the FedRAMP program,” said Dave McClure, associate administrator of GSA’s Office of Citizen Services and Innovative Technologies. “With four JAB authorizations and two agency authorizations, we’ve got some good early examples of the different ways to utilize FedRAMP for an agency’s specific security needs.”
HP Enterprise Cloud Services’ Virtual Private Cloud and Lockheed Martin’s SolaS Cloud Solution join other infrastructure-as-a-service cloud offerings, Autonomic Resources and CGI Federal under JAB provisional authorities to operate.
Necessarily, HP and Lockheed Martin demonstrated and implemented the FedRAMP security controls on their cloud services offerings, using an independent FedRAMP-accredited Third Party Assessment Organization to substantiate their security implementations. KPMG LLP, Burke Consortium, Inc. and Dakota Consulting, Inc. also joined the list of FedRAMP-accredited 3PAOs this month, pushing the total number of small business 3PAOs to 11 out of 20.
The Health and Human Services Department also recently awarded Amazon Web Services’ GovCloud and U.S. East/West offerings each an agency authorization to operate using FedRAMP requirements.
The contents of the provisional authorization packages will be available upon request to all agencies in full, including the independent assessment conducted by a FedRAMP-accredited 3PAO for agency specific security authorizations.