FedRAMP Authorization: The Ins and Outs of DIY vs. Outsourcing

By Ryan Gilhooley, Enterprise Cloud Solutions Manager

Software vendors and federal systems integrators continually wrestle with authorization for their cloud services through the Federal Risk and Authorization Management Program (FedRAMP). It’s fair to ask whether your company really needs FedRAMP authorization at all?

The short answer is yes: Applications have to be FedRAMP compliant before they can be sold to federal government agencies as software as a service (SaaS). FedRAMP authorized applications also are advertised on the FedRAMP Marketplace, which is where government agencies go to determine the types of solutions available to meet their requirements.

The real question is how to handle the cost and complexity of the technical, compliance and documentation challenges of FedRAMP authorization. Should it be handled in-house or should some or all of the process be outsourced? Read more of this post

Federal Modernization Challenges and Priorities for FY20

By Jessica Parks, Analyst

Data visibility, cloud and emerging technologies were important themes at a the recent IT Modernization summit hosted by FCW. The conference sessions brought together acquisition and IT officials from a variety of federal agencies, small and large, both civilian and DOD, who shared how their agencies are delivering on modernization goals.

Here are more details about these topics and advice on how you can position your company and solutions to stand out from the crowd.

Data Visibility

Agencies need improved visibility into their data. Data is the cornerstone of multiple technologies, powering AI and machine learning algorithms and bolstering cybersecurity efforts. It is, quite simply, crucial for government agencies to be able to gain as much insight into their data as possible in order to keep pace with rapid technological developments. Don Heckman, Principal Director in the Deputy Chief Information Office for Cybersecurity at DOD, noted that “visibility into assets is a huge challenge” for the agency. Read more of this post

Beyond Cyber Hygiene

Lloyd McCoy Jr.

By Lloyd McCoy, Market Intelligence Manager

Helping agencies lock the door to keep external threat actors out of IT networks, combined with education and training, can only go so far in protecting government assets. There will always be vulnerability.

Public sector networks, with their treasure trove of sensitive information, face vigorous targeting by nation states and cyber criminals looking to steal anything they can get their hands on. Cyber-attacks remain one of the clear and present threats of our time with an intensity that shows little signs of abating.

So, how can those selling security solutions to government help mitigate threats when good cyber hygiene isn’t enough? Read more of this post

CBP Plans Its Move to the Cloud

Tom O'Keefe

By Tom O’Keefe, Consultant

Customs and Border Protection (CBP) recently released an RFI seeking industry input on a comprehensive cloud solution that may lead to an RFP later this year or in early 2020. Cloud is a big topic of conversation at federal agencies, but right now, its bark is much larger than its bite. We can expect that to change over the next few years. As this new RFI shows us, agencies are looking to transition significant portions of their environment to the cloud. While traditional IT delivery models may still hold their value, cloud is the future.

CBP is the largest component within the Department of Homeland Security, and how it manages cloud may be indicative of how some of the smaller DHS agencies may also do so. Kshemendra Paul, DHS’s cloud officer, has indicated that only 10% of DHS applications are currently in the cloud. Another 30% are in process or are slated to move to the cloud. Most of what has already been migrated are easy-to-migrate applications like email. Large, mission-critical applications are still being hosted on premise and are likely to be the last of the applications to migrate. CBP will likely use the contract that results from this RFI to accomplish this migration.

Read more of this post

Collaboration in Times of Consolidation: Hot Topic for State CIOs

By Rachel Eckert, SLED Manager

NASCIO’s 2019 Midyear Conference last week brought together CIOs from 45 states and three territories and provided a multitude of opportunities to network with CIOs and state representatives, including 16 new CIOs from last year’s election cycle.

The overwhelming trend this year was collaboration, both internal to state governments and externally to their partners and constituents. Collaboration will be a key piece of the CIO’s arsenal as more and more states look toward consolidating and centralizing IT infrastructure.

Consolidation brings many benefits – from cost savings and improved management to better network visibility. By consolidating networks and infrastructure into a centrally managed data center or cloud environment, the CIO and staff will have more time to work on unique applications and delivering outcomes for their agencies. However, getting state entities to commit to and actively participate in a consolidation effort takes more than just the promise of cost savings.

Read more of this post

OTAs and Cloud: Hot Topics at AFCEA WEST

By Mark Wisinger, Senior Analyst

AFCEA West is the most happening event on the Navy IT circuit. The sunny San Diego weather draws a big crowd every February and it’s an excellent place to talk shop, learn about the latest Navy and Marine Corps trends and opportunities and soak up the California sun – despite the rain this year!

Here are a couple top-level trends I noticed during the conference:

OTAs are red hot
It seems not a month goes by without new OTA’s popping up. While the Navy did not announce a new other-transactional-authority vehicle, it did announce that within the next week or two, we’d see requests for cloud and networking through the Information Warfare Research Project (IWRP) OTA. We’re seeing the Navy continue to ramp up OTA usage and grow more comfortable with the OTA acquisition process.

NAVAIR appears to be the most popular Navy cloud broker
Each Navy systems command is in varying stages of maturing their cloud-broker offering for the rest of the department. But, it appears that NAVAIR’s AWS GovCloud environment is the most popular choice right now. The Navy cloud broker model is rather interesting, given the JEDI competition and DOD CIO Dana Deasy’s mandate to consolidate as much of DOD cloud purchasing through the JEDI cloud vehicle as possible. Read more of this post

Cloud Spending in FY19: Three Areas to Watch

Chris WiedemannBy Chris Wiedemann, Consultant

With record-setting projections for cloud purchases in the government by the end of FY18, customers are going to be more open to cloud-based solutions than ever before. Offering technology in the cloud will be increasingly important to retaining business, because customers who were once open to on-premise deployments may begin to look elsewhere for answers.

Here are three cloud trends and opportunities for FY19

Read more of this post

%d bloggers like this: