Mahan joined episode 2 of Let’s Talk About IT to discuss the latest with the federal government’s cloud security authorization program and the challenges it’s overcome since it was chartered.
Particularly, she detailed FedRAMP’s “exponential” evolution to greater reciprocity: to make sure that when a cloud service provider is authorized to do work with one agency that other agencies are taking advantage of that ATO — authority to operate — to do business with that vendor, rather than spending the time and money to do an ATO on its own,
“We have that one unified standard that is accepted by all agencies, so it’s a passport,” Mahan said. Vendors only have to go through this process once, “and then it can be reused from one government agency to the next.” She said there are more than 1,070 reuse cases across government, a number that’s grown from less than 100 in 2014.
Listen to what Mahan has to say about that success as well as the program’s challenges in the new episode.