Companies that already provide cloud services to federal agencies will have their offerings vetted first under the new FedRAMP security assessment program.
FedRAMP was launched earlier this month to give agencies and contractors a base set of security controls, allowing quick adoption of commercial cloud technology across agencies.
“We can’t just open the doors wide open right from the start,” said Dave McClure, associate administrator of the General Services Administration‘s Office of Citizen Services and Innovative Technologies, according to Federal Times.
McClure added that companies on existing contracts for other cloud services, such as email, will also get priority vetting.
A three-member board composed of chief information officers from the GSA and the departments of Defense and Homeland Security will review the companies. FedRAMP also requires independent assessors to determine if the cloud technology being offered meets federal security standards, which Federal Times reports are scheduled to be released in January.