Insights from Agencies Who Are Using FedRAMP Solutions

The Federal Risk and Authorization Management Program (FedRAMP) makes it easier for government agencies to move to the cloud by by providing a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

FedRAMP also generates long-term business value in the form of cost-savings, reduced risk, and increased levels of security.

Together with Market Connections, Maximus and Genesys fielded a survey of 200 federal and 300 state and local government IT and business decision makers from agencies with direct citizen services to gain a greater understanding of how they are or aren’t using FedRAMP solutions in their cloud environments, where agencies are in their cloud adoption journey, and how they perceive FedRAMP-authorized cloud solutions.

Below are insights from the survey about the value, benefits and migration to a cloud-enabled enterprise:

It’s not a surprise that many agencies have already moved email, calendar, and contacts to the cloud, which helps account for those who indicated that some but not all systems are in the cloud.

Agencies recognize the value of the cloud and are driving toward greater cloud adoption with more momentum than ever:

• 91% of federal respondents and 93% of state and local respondents said they have all, most, or some systems and solutions in the cloud.
• 56% of federal respondents and 35% of state and local respondents indicated that “some systems and solutions are in the cloud, but not all.”

Adopting cloud is about business value (and FedRAMP is what you largely need to make that choice compliant). If agencies were asked about the top driver to adopt cloud, they wouldn’t say nearly as much about mandates.

Agencies are realizing the tangible benefits to FedRAMP, including long-term cost-savings and acceleration to broader cloud adoption:

• 95% of federal respondents and 97% of state and local respondents recognize other benefits to adopting a FedRAMP-authorized solution.
• 62% of federal respondents and 56% of state and local respondents consider adherence to mandates and National Institute of Standards and Technology (NIST) guidelines a top benefit of a FedRAMP-authorized solution.

As a CIO is thinking about how to move their entire enterprise into a cloud-enabled environment, they are accounting for legacy systems that may be so complex, intertwined, or monolithic that they have to look at multiple services to meet many different requirements. Some may be a simple lift and shift. At the same time, there are a significant number of options to choose from. The pathway to adoption can be more or less complex depending on the environment.

Agencies face many considerations, challenges, and options when deciding how they transition to a cloud-enabled enterprise:

• 44% of federal respondents and 43% of state and local respondents cited the fact that “multiple solutions may need to be adopted since not all FedRAMP-authorized solutions provide a comprehensive set of functionalities” as a challenge to adoption.
• 38% of federal respondents and 38% of state and local respondentscited “vendor lock-in/lack of flexibility in moving from one solution to another” as a challenge to adoption.

This blog post is an excerpt from a partner spotlight research brief, “FedRAMP as the on-ramp to greater cloud adoption,” download the full e-book here for more insights and survey data.