When people think of government software, they often think of COBOL and PowerBuilder 5, with manual software deploys every three to six months on a fixed number of machines in a government-run data center. This perception is sometimes justified, but sometimes entirely wrong. Regardless, the perception makes many developers reluctant to work for the government because they worry about the frustrations of getting stuck in the bureaucracy instead of being able to iterate rapidly, ship products, and deliver value.
This week we’re excited to celebrate FedRAMP’s fifth birthday! The program has come a long way over the past five years, as we have been able to grow and transform the program to continue meeting our partners’ evolving needs. FedRAMP achieved initial operational capability in 2012. We launched FedRAMP.gov that year as our primary communication and outreach channel. Since then, we have continued to iterate based on the voice of the customer and have expanded our outreach to include such activities as training, weekly tips, a user-centered marketplace and dashboard, and the Focus on FedRAMP blog.
Like any newer technology, cloud computing has faced adoption challenges. IT managers understand the huge potential efficiency improvements and savings that cloud computing can bring to their agencies, but also have questions about security, compatibility, and funding. With these concerns and without a clear path to cloud computing, many agencies continue to maintain on-premises solutions. However, the costs of legacy systems are expensive, and this is a particularly important issue in a budget-constrained environment.
If you’re a program manager or a federal web developer you’ve probably been given a seemingly simple task: Create a basic website as part of a new initiative at your agency. The hardest part is often not crafting the content or designing the prototype, but getting the security and privacy compliance in order to launch and maintain the actual website’s compliance status. For that work, you might have to hire a contractor or put extra strain on your agency’s web team.
We wanted to share some high-level guidance for CSPs and 3PAOs we created with the JAB teams to provide insight into the different roles and responsibilities for 3PAOs and CSPs in our authorization process. These roles and responsibilities were created and refined over the last year as we refined the JAB’s authorization process through FedRAMP Accelerated. The CSP’s role (189 kb PDF, 1 page) in the JAB authorization process is to ensure their service offering meets the NIST/FedRAMP requirements through the implementation and documentation of security controls.
You may have heard of “serverless architecture” or Amazon Web Services (AWS) Lambda product and wondered what is unique about this new buzzword. As with many new digital cloud technologies, serverless architecture could mean two things. It may be applications that are built using third-party cloud applications. Or serverless architectures could be pieces of code that live in the cloud and only run when called on by a user: event-driven functions.
DigitalGov University (DGU), the events platform for DigitalGov, provides programming to build and accelerate digital capacity by providing webinars and in-person events highlighting innovations, case studies, tools, and resources. Thanks to your participation, DGU hosted over 90 events with 6,648 attendees from over 100 agencies across federal, tribal, state, and local governments. DGU strives to provide training throughout the year that is useful and relevant to you. One of the most resounding comments from digital managers last year was people wanted to be able to attend all of our classes virtually.
Many of our cloud service providers (CSPs), federal agencies, and third party assessment organizations (3PAOs) often share common issues and questions when going through the FedRAMP process. To help guide our stakeholders, we will be providing weekly tips and address frequently asked questions and concerns. Email us potential tips and questions that you would like published as a tip. Cloud Service Providers (CSPs) Question: Why should CSPs spend time and money developing high quality documentation when their goal is to become FedRAMP Authorized?
Summary: Building on efforts to boost Federal cybersecurity & as part of National Cybersecurity Awareness Month, today we’re releasing a proposed guidance to modernize Federal IT. America’s spirit of ingenuity and entrepreneurship created the world’s most innovative economy and keeps us dominant in today’s digital age. Indeed, in 1985 about 2,000 people used the Internet; today, 3.2 billion people do. What started out as a useful tool for a few is now a necessity for all of us—as essential for connecting people, goods, and services as the airplane or automobile.
The U.S. General Services Administration (GSA) made history today by releasing the first ever iBook version of the Federal Acquisition Regulation (FAR). And while a tome about the complex rules governing the federal government’s purchasing process may not sound like a bestseller, the FAR is essential reading not just for federal contracting officers and federal contractors, but owners of small (and large) businesses, too. “Basically, anyone who does or wants to conduct business with the government reads the FAR,” said Dan Briest, Program Manager of Acquisition.
On September 8th, the General Services Administration (GSA) held a Technology Industry Day to talk to industry leaders about the products and solutions developed by our agency and to hear feedback on how we can better engage industry. We’re thrilled that more than 300 members of the technology industry in person and via the live stream were able to join us for this first step towards a closer partnership and more open lines of communication about how we can work together to transform federal technology.
One year ago this week, we launched vote.gov (also known as vote.usa.gov). It’s a concise and simple site with a single mission: direct citizens through the voter registration process as quickly as possible. It was created by a joint team of USA.gov staffers and Presidential Innovation Fellows, all of whom work within the General Services Administration (GSA). Did it work? Yes. In fact, it worked so well that Facebook made it the destination for their 2016 voter registration drive.
One day, at an unnamed agency, the Outlook server crashed. The server stayed down for the rest of the afternoon. Deprived of email and meeting calendars, employees wandered around trying to remember what meetings they had to attend. Other employees went searching for people who they ordinarily would email. There was confusion that made people realize just how dependent they were on a single software program. As the Federal government moves toward digital transformation, I have been thinking about how agencies can best weather the transition from legacy systems to cloud-based, agile applications.
Private industry and government came together to find best ways to deliver 21st century technology to federal agencies. On September 8, 2016 Administrator Denise Turner Roth of the U.S. General Services Administration (GSA) hosted the first-ever Technology Industry Day to provide a better understanding of GSA’s path to improve the government’s outdated technology systems. The event featured how GSA buys, builds and shares technology for the federal government. “The General Services Administration has a long history of being a strong leader in adopting technology in government,” said Administrator Roth when giving her opening remarks at GSA’s Technology Industry Day.
One of the questions we get asked the most at FedRAMP from our vendors is: “How much will it cost me to get through FedRAMP?” One of the reasons this is a hard question to answer is that comparing cloud providers to each other isn’t even like trying to compare apples to oranges – those are both at least fruit. Comparing a global content distribution network to a government only ticketing and CRM solution and then comparing to a web-based agile project management tool is like comparing an apple to a bike to a television.
This week marks a special anniversary for GSA as we celebrate our Data-to-Decision (D2D) platform since its launch in the fall of 2015. D2D is GSA’s data management platform that collects, manages, and analyzes complex data to enable data-driven decision-making. Over the past year, GSA has made major strides forward in understanding how accurate and insightful data can help us be a more data-driven organization. I am proud to say that D2D now has more than 1,000 users and over 100 published dashboards across GSA!
The General Services Administration (GSA) is known for managing federal real estate and leveraging the government’s buying power to get the best deal for taxpayers, but it also drives and leads technology and innovation within the federal government. The Technology Transformation Service (TTS) builds, buys and shares tech to help federal agencies achieve their mission. They create better services for citizens everyday. TTS works closely with the Federal Acquisition Service (FAS) and the GSA CIO to be first movers in and apply agile technology in a meaningful way.
We’re incredibly excited to announce the launch of the new FedRAMP Marketplace dashboard! It’s loaded with all sorts of ways for you to see how everyone is participating with FedRAMP! When we launched the FedRAMP Marketplace about 3 years ago, our intent was to create a place for agencies and cloud service providers (CSPs) to connect. As FedRAMP has grown, so has our marketplace. It’s become a space where all of you interact – CSPs, agencies, and third party assessment organizations (3PAOs) – and in more than just a one way interaction.
Many of our cloud service providers (CSPs), federal agencies, and third party assessment organizations (3PAOs) often share common issues and questions when going through the FedRAMP process. To help guide our stakeholders, we will be providing weekly tips and address frequently asked questions and concerns. This week’s tips come from FedRAMP’s Accelerated event. Read the full list of questions asked during FedRAMP Accelerated here. Send potential tips and questions that you would like published as a tip [via email].
Maps and geospatial analysis have become increasingly important as they allow the FCC to display information to the public in an interactive visual format. The FCC’s maps have become useful tools for conveying data in conjunction with Commission reports and public notices. The FCC’s maps site serves as a centralized hub for data visualizations and is one of the most highly trafficked parts of the Commission’s website. Since the launch of the original FCC maps site, a total of 53 maps have been published – including 15 this year – on topics ranging from nationwide LTE coverage to fixed broadband deployment data.
Business processes have fascinated me since I took an undergraduate philosophy course in modern business management. A part-time professor who was a management consultant by day taught this unusual class. Perhaps business management thinking was first experimenting with ideas that would later lead to the agile and lean movement today. From this class I learned that nearly all organizational issues could be traced back to bad processes rather than poor workers.
Much of our work with government partners to deliver better digital services has resulted in full websites, applications, and embarking on large-scale transformation efforts. In addition to those types of projects, we also work on shorter, faster, smaller-scale projects designed to show our partners different points of view and different techniques to approach their most challenging problems. Recently, we partnered with the Office of Integrated Technology Services (ITS) here within the General Services Administration (GSA) on a four-month effort to develop a plain language guide, informed by research and interviews, to help technology companies interested in doing business with the federal government better understand how to join IT Schedule 70.
2015 was a big year for 18F. We almost doubled in size, worked with 28 different agency partners, and released products ranging from Design Method Cards to cloud.gov. Internally, we improved onboarding and our documentation by releasing guides on topics as diverse as content, accessibility, and creating good open source projects. To mark the end of the year, we reached out to everyone at 18F and asked them to reflect on a meaningful project they worked on this year.
39 participants. 17 agencies. 6 months. Earlier this year, the CIO Council launched the IT Solutions Challenge, an initiative to engage GS 9-13 level rising stars in the IT and IT acquisition community. Participants identify shared challenges, those challenges where you might say to yourself, “if only we could [x], life would be so much easier!” Working together over 6 months, the teams prototype and make recommendations for solutions.
On Wednesday, March 11, FedRAMP unveiled a redesigned FedRAMP.gov. The new site focuses on user experience that fosters a better understanding of FedRAMP from basic knowledge, to in-depth program requirements and includes the launch of a training program. User experience is at the heart of the website redesign. Using feedback from customer interviews, the new FedRAMP.gov is easily navigable and helps visitors: Understand FedRAMP and its strategic direction Quickly find current templates and other key documents Access educational opportunities and information on FedRAMP events The FedRAMP team addressed these objectives and many others developing the website.
Today, people rely heavily on insecure and inefficient means to access federal government applications to conduct business (i.e., they depend on usernames and passwords to log into federal agency services online). Users are required to create and manage several online accounts for different applications, which can become a nuisance, difficult to manage, and creates administrative burden for the organization. Additionally, with the abundance of these weak credentials (i.e., usernames and passwords that are easy to hack and difficult to trust), organizations – including the federal government – are left with minimal confidence in a user’s identity.
Welcome to the new home of openFDA! We are incredibly excited to see so much interest in our work and hope that this site can be a valuable resource to those wishing to use public FDA data in both the public and private sector to spur innovation, further regulatory or scientific missions, educate the public, and save lives. Through openFDA, developers and researchers will have easy access to high-value FDA public data through RESTful APIs and structured file downloads.
Cloud Computing enables convenient, on-demand access to, and rapid deployment of, shared computing resources such as networks, servers, storage, applications, and services. Plan What is the Cloud? Is Cloud Computing for you? What types of services does Cloud Computing support? Types of Cloud environments Implement Learn steps to acquire, manage, and secure your agency in the cloud Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service (PDF, 963 KB, 44 pages, February 2012) Security authorizations for Cloud providers (FedRAMP) Improve Learn more about U.