Public sector customers, like private enterprises, must perform due diligence on any cloud-based solution to ensure that sensitive data is properly protected, while it’s outside of their direct control and that all other relevant security policies are met. In order to make this simple for U.S. federal agencies, the U.S. Office of Management and Budget created the Federal Risk and Authorization Management Program (FedRAMP).
FedRAMP is an assessment and authorization process which U.S. federal agencies use to ensure proper security controls are in place when accessing cloud computing products and services. FedRAMP provides a single, consistent process for validating cloud services across all U.S. federal agencies, which streamlines the procurement process for many public sector customers and ensures that consistent baseline security policies are used across different agencies.