Federal CIO Council announces government cloud adoption security controls

January 12, 2012

Government agency cloud adoption is a significant goal of the Obama Administration and U.S. chief information officer Steven VanRoekel, as both believe cloud computing can reduce IT spending and improve data security.

The Federal CIO Council recently published more than 150 security control requirements for the Federal Risk and Authorization Management Program (FedRAMP), a government initiative launched in December to support and accelerate cloud adoption among federal agencies.

"FedRAMP's unified risk management process will evaluate IT services offered by vendors on behalf of Federal agencies, saving agencies from conducting their own risk management programs," a blog post on the CIO's website said. "By reducing duplicative risk management efforts, FedRAMP will enable Federal agencies to focus their evaluations of IT services on their agency's specific needs, as well as their privacy and security requirements."

The security controls are organized into 16 categories and provide the basis for FedRAMP's systematic strategy to authorizing cloud products and services, the report said.

According to a recent Bluetext survey of local, state and federal IT workers, 91 percent of government organizations would be interested in cloud-based data centers if they resulted in reduced costs. Meanwhile, more than half of respondents said the political leadership of their government is aware of cloud computing and its benefits.

-McAfee Cloud Security