Cloud provider clears first hurdle in new FedRAMP Accelerated process

The Federal Risk and Authorization Management Program has been touting its developing fast lane for cloud providers looking to speed up their security accreditation for some time. 

And now, it's just opened for traffic. 

San Francisco-based CloudPassage became the first cloud provider to achieve FedRAMP Ready status for the new accelerated lane. 

FedRAMP Accelerated opened in March following complaints that the original accreditation process was often too slow for contractors seeking security approval. 

FedRAMP Accelerated is supposed to streamline that process by allowing providers to demonstrate that they have the core security controls required to work with federal agencies without requiring the lengthy documentation beforehand.

Having gained FedRAMP Ready status, CloudPassage has moved past the first in a three-stage process that would give it authorization to operate with federal agencies. Its Halo cloud security package is now listed on the FedRAMP Marketplace.

"Achieving FedRAMP Ready status is a big milestone for CloudPassage, as it demonstrates that we are a trusted cloud service provider that upholds high standards and meets FedRAMP’s rigorous review process," CloudPassage Senior Director of Security and Compliance Bart Westerink said in a statement.

The company will next submit its Halo cloud security package — including System Security Plans, Security Assessment Plans, Security Assessment Reports, and Plan of Action and Milestones — that will be reviewed as a single package by the FedRAMP program management office.

The final step includes an end-to-end review of the security package by the Joint Authorization Board with technical representatives from the Department of Defense, Department of Homeland Security and the General Services Administration. CloudPassage’s Halo package will be reviewed by third-party assessment organization Schellman & Company.

CloudPassage officials said the Halo security program can be utilized by other cloud service providers (CSP) to help attain FedRAMP Ready status because it includes a number of technical and operational controls that satisfy authorization to operate requirements.

"Federal agencies and government contractors can now leverage CloudPassage Halo to securely take advantage of the benefits of cloud infrastructure," Westerink said.

"In addition, other CSPs seeking to attain FedRAMP Ready status will find that CloudPassage Halo is a proven security platform that can assist in auditing and monitoring a significant number of controls required for the FedRAMP process."

FedRAMP is hoping the Accelerated lane will make the accreditation process more nimble for cloud service providers and federal agencies to adopt.

Recommended for you
Around The Web