This article is an excerpt from GovLoop’s recent guide, “Your Guide to Cloud Security in Government Today: Making the Most of FedRAMP.” Download the full guide here.
The federal government’s data is like a family’s precious jewelry – it must be stored in a secure safe. Citizens’ trust – and even well-being – can be damaged when agencies fail to protect this sensitive information and leave it vulnerable to people with bad intentions.
In an interview with GovLoop, Mike Rohde, Deputy Chief Information Security Officer, Federal at ServiceNow, explained how cloud security requirements like FedRAMP give your organization’s data the protections it deserves. ServiceNow is a FedRAMPauthorized cloud services provider.
Rohde said that using FedRAMP standards as a guide, agencies can create a U.S. government community cloud, a model where every cloud consumer is on the same page with data storage, security and mission objectives. A U.S. government community cloud is a stamp of approval for federal agencies, promising that everyone involved meets FedRAMP’s standards.
“The organizations that are allowed in a U.S. government community cloud must demonstrate that they meet particular requirements for protecting data and operate in specific regions,” Rohde said.
Federal data often contains valuable information about individual citizens, government spending and national security. The cost of this knowledge falling into the wrong hands is subsequently high. Today, many agencies put financial or citizen data into cloud environments, which means it is extra-sensitive and therefore deserves a safer storage place.
“If you’re in a public cloud, you may be in the same environment as commercial customers that don’t have the same stringent data requirements as a U.S. government community cloud,” Rohde said.
Public cloud exposes federal agencies to risk from other participants who don’t follow the same security standards they do. In contrast, a U.S. government community cloud only allows groups who meet the same federal requirements to interact with your agency’s data.
FedRAMP, then, is an attractive rulebook for U.S. government community clouds. Any cloud consumer that follows FedRAMP’s guidelines is reliable and secure for all federal agencies.
“FedRAMP’s big benefit is that cloud providers like ServiceNow have gone through the rigor and due diligence to allow government consumers to use us,” Rohde said. Additionally, it helps both public and private-sector participants reach federal security standards faster.
Another benefit is the ability for agencies to meet IT modernization goals. Cloud is a critical piece in modernizing federal IT. By using cloud, agencies can transform the way they achieve their missions and deliver services to citizens. FedRAMPauthorized cloud offers agencies the confidence to leave their legacy IT behind without sacrificing their security. IT management services companies like ServiceNow help governments deliver faster, more reliable services to citizens.