Shortly after wrapping up a series of FedRAMP assessment interviews, one of our customers remarked:
“This is just another sprint in a long marathon.”
The perception that FedRAMP is a series of hurdles in a never-ending race is echoed throughout the compliance community. Starting the process is an obstacle in itself between the pressures of cost, skilled resourcing, and finding a responsive agency partner aligned with the company’s go-to-market timeline.
When the FedRAMP Authorization Act was passed last December, many clients and organizations came to us asking how they should navigate this complex space. We were challenged to re-evaluate how to improve the FedRAMP authorization journey with greater care and impact – from the very beginning.
Access: Eliminating barriers to entry
As we evaluated our services, we understood that we needed to help remove the barriers preventing others from accessing this space.
Changing our strategy started with this premise:
Every cloud service provider, regardless of budget, deserves the opportunity to pursue a FedRAMP authorization.
To create this inclusive entry point, we made the decision to launch an open-source project to help cloud service providers (CSPs) kickstart their FedRAMP journey for free.
The package includes foundational components of our code base across the top three Infrastructure-as-a-Service (IaaS) providers, along with templated reference architecture design and System Security Plan (SSP) documentation. CSPs who previously couldn’t afford to enter or expand into government markets now have the opportunity.
At the onset of their journey, any CSP can download these materials and have immediate access, allowing for iterative progress before making a consider ..
Support the originator by clicking the read the rest link below.
