Carahsoft’s John Lee: Security Snapshot Could Simplify StateRAMP Certification Process for CSPs

John Lee, vice president for cloud solutions at Carahsoft Technology, said the State Risk and Authorization Management Program, an independent nonprofit organization launched in 2021, unveiled an early-stage security maturity evaluation tool for cloud offerings, called Security Snapshot, in January.

Lee wrote in a blog post published Thursday that Security Snapshot offers detailed information on how vendors can secure StateRAMP-certified status.

“The snapshot offers a preliminary numerical score that CSPs can share with prospective government clients, which will not appear on the CSP’s record,” he noted.

Lee said the snapshot comes with criteria meant to help agencies verify minimum requirements, offers additional benchmarks and controls and seeks to enable cloud service providers to secure insights into third-party cloud offerings and security postures.

“With the introduction of Security Snapshot, CSPs can ease their concerns, knowing they will receive detailed, personalized support to help them qualify for StateRAMP’s verification,” he added.

Written by Jane Edwards

is a staff writer at Executive Mosaic, where she writes for ExecutiveBiz about IT modernization, cybersecurity, space procurement and industry leaders’ perspectives on government technology trends.

