The number of cloud service providers who have received approval under the Federal Risk Authorization and Management Program or FedRAMP is growing—86 have received approval and another 69 are in process.
And FedRAMP itself has evolved to accommodate a wider range of security requirements including establishing a FISMA high baseline.
Now at the same time, agencies are expanding the types of workloads they feel confident in moving to the cloud. Agencies are rationalizing and modernizing applications as the effort to move off legacy IT continues to gain momentum.
IDC Government Insights predicts spending on cloud services to increase to $3.3 billion by 2021 from $2.2 billion in 2017. IDC expects hybrid cloud services to grow by 11 percent over the next five years, the second largest category by percentage behind the use of public cloud services.
With all this activity, agencies are trying to understand what makes sense for their mission needs.
A GSA best practices guide for hybrid cloud highlighted several considerations as agencies implement these services. GSA says integration of multiple cloud environments, composition, which provides the flexibility of the hybrid cloud model, and organization impact, which helps decide type of system or data that makes the most sense, are key ingredients to a successful approach.
At the same time, agencies will not be able to give up some on-premise data center storage and processing power.
This is creating a dual set-up that some are calling hybrid IT. This concept brings together public and private sector expertise and cloud services while potentially saving agencies money and improving their effectiveness.
So how do agencies find success and prosper in this new hybrid IT model?
Jason Miller is a reporter whose work focuses mainly on technology and procurement issues, including cybersecurity, e-government and acquisition policies and programs.
Sanjay Gupta, Chief Technology Officer, Small Business Administration
Sanjay Gupta recently joined the U.S. Small Business Administration as Chief Technology Officer from the private sector. Sanjay is a business driven, results oriented leader, adept at leveraging technology to innovate and deliver results quickly. He brings to SBA an exclusive combination of experiences as a CIO (Heidrick & Struggles, International Code Council, World Book), as a Managing Partner Consulting (Gartner), and as an Adjunct Research Analyst (IDC).
Throughout his career, Sanjay has led business/IT transformations across industries. He brings extensive global experience across industries in areas such as IT Strategy, Innovation, Digital Transformation, Architecture, Cloud, Mobile, Strategic Sourcing, Vendor Management, Contracting, Cybersecurity, Agile Development and Open Source.
Sanjay has authored over 20 research white papers focused on advice and guidance for CIOs/Boards. In addition, he is also a judge on the CIO 100 awards judging panel.
Benjamin Bergersen, Chief Information Officer, U.S. Trade and Development Agency
Benjamin Bergersen is an IT executive and cloud security expert. As the CIO for the U.S. Trade and Development Agency he transforms IT services for a global federal organization utilizing a hybrid strategy of cloud services and shared services.
Under his security leadership, MAX.gov Cloud Shared Services at the White House / OMB transformed with continuous monitoring and enterprise risk management across software development through to operations. Cyber security, DevOps, and agile development were melded to provide wikis, portals, discussion groups, and other social media to government in a secure, reliable, fast manner. Combining agile development with the latest cyber security methods helped increase MAX.gov adoption from 80,000 to 175,000+ customers across 180+ federal agencies. By implementing Department of Defense (DoD) Protection Levels and working with the Joint Staff, Benjamin expanded MAX’s adoption across the DoD. MAX.gov is the first federal agency Software as a Service (SaaS) Federal Risk and Authorization Management Program (FedRAMP) authorized cloud service provider. He received the Government Information Security Leadership Award (GISLA) from (ISC)2 for best information security business process improvement.
As the Chief Information Officer (CIO) for the Office of Inspector General in the Department of Commerce Benjamin provided collaborative nation-wide services for mission security and assurance. This included developing technology services to accelerate and enhance the capabilities of the special agents, auditors, and attorneys to perform investigations and audits nationwide in five operating locations. There he designed and implemented new IT performance measurements, technologies, virtualization, clustering, high availability, cyber security systems, customer relationship management (CRM) systems, workflow management services, and collaboration portals. He received a Department of Commerce Bronze medal and a GovTek Executive Collaboration award for building a great CIO office and delivering IT mission services.
As the Information Security Program Manager in the U.S. Antarctic Program for the U.S. Navy and the National Science Foundation (NSF) he got A+ grades two years in a row for information security as rated by U.S. Congress. Benjamin created the Chief Information Security Officer (CISO) executive education and graduate certificate program at Carnegie Mellon University’s Heinz College, CIO Institute.
Benjamin holds multiple cyber security and governance certifications including CISSP, ISSAP, and ISSMP from (ISC)2, and CGEIT, CISA, and CISM from ISACA; His education includes an MBA from George Mason University with NSA approved electives in cyber security, a Bachelor’s of Science from SUNY Brockport, and is a certified CIO by the U.S. Federal CIO Council / CIO University.
Tim Burke, Federal Cloud Project Manager, QTS
Tim Burke is the federal Cloud compliance expert for QTS. He has spent the past 20 years managing the product lifecycle for hosting services including public and private cloud solutions, managed security services, and colocation. Tim’s focus is ensuring QTS provides services that meet Customers compliance requirements for standards such as FISMA, FedRAMP, HIPAA, and PCI. He holds Bachelor’s degree in Marketing from The Ohio State University and an MBA from The University of Dayton.
Copyright © 2023 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
Daily photos of things happening in and around the federal government.