A procurement bill (S-3099) now pending a Senate vote would require agencies to consider whether existing protections will meet their security needs rather than forcing cloud service providers, or CSPs to duplicate that work.
“As cloud computing technology continues its growth in our society and economy, it is important that federal agencies quickly, securely, and effectively adopt these capabilities to improve digital service delivery and protect against malicious foreign threats,” says a committee report on the bill.
The bill would put in law and add new requirements to the GSA’s FedRAMP program, under which it says there currently are 260 authorized CSPs, 67 in the process of receiving authorizations, and an additional 32 deemed ready by independent third party assessment organization. Along with OMB and DHS, the GSA would set criteria for providers eligible for certification and set processes for agencies to review and assess the security of services for their own needs.
Agencies considering purchasing cloud services would first have to “determine whether a security package already exists for any CSP which the agency seeks to authorize and, if so, use the already existing security package information and materials, to the greatest extent practicable, to authorize the CSP for use in that agency.”
The bill also would add new reporting requirements and establish an interagency board “to help oversee the processes and procedures by which agencies authorize CSPs and provide recommendations for improving the outcomes of the FedRAMP Program.”
House Set to Consider ‘Inflation Bonus Pay’ for Some Federal Employees
See You in September, Court in Vaccine Mandate Suit Says
MSBP Clarifies What Constitutes Retaliation against Whistleblower
Outside Employment / Activities Lead Topics for Federal Employees Seeking Ethics Guidance
Mutual Fund Window Open, but Not Much Going Through
G Fund Now TSP Program’s Largest
Court Action Likely Means Continued Suspension of Vaccine Mandate for Months
Who Gets the FERS Special Retirement Supplement
Nine Hours on Hold: Pressure Builds on TSP to Improve Customer Service
FERS Retirement Planning Bundle: 2022 FERS Guide & TSP Handbook