A Must-Have for SaaS
Cloud-based as-a-service providers looking to access and sell to the U.S. Public Sector Market require certification through the Federal Risk and Authorization Management Program (FedRAMP). Established in 2011, FedRAMP provides a standardized approach to security and risk assessment for cloud technologies and federal agencies, helping promote the adoption of secure cloud services across the government. It is the de-facto standard through which Cloud Service Offerings (CSO) can obtain an Authority to Operate (ATO), allowing them to be re-used at multiple agencies.
Government and Industry, Working Together
FedRAMP enables the federal government to leverage industry to securely modernize IT infrastructure. Before FedRAMP, vendors were required to meet a different set of security requirements for each agency. Now, with FedRAMP’s baseline security framework and guiding principle of “do once, use many times,” a CSO that is authorized at one federal agency can be re-used at any other agency. This certification extends to the broader state and local public sector market, drastically expanding a vendor’s TAM and revenue potential. In essence, build your cloud service once but sell it multiple times.