Advanced Computing in the Age of AI | Thursday, March 28, 2024

FedRAMP Enlists Industry Vet To Oversee Clouds 

The U.S. General Services Administration (GSA) has appointed a tech industry veteran to help oversee its uneven cloud rollout.

Jennifer Kerber, former president of the industry group TechAmerica Foundation and most recently executive director of the Government Transformation Initiative, will join GSA's Office of Citizens Services and Technologies as director of its Federal Cloud Credential Exchange program.

Kerber's move to GSA was first reported by the web site federalnewsradio.com.

The GSA exchange is working with agency partners that include the Commerce Department's National Institute of Standards and Technology that its developing security standards for the federal cloud initiative FedRAMP, or Federal Risk and Authorization Management Program.

The exchange allows the public to access cloud-based federal online services without passwords or other digital identification for various agency services. The Federal Cloud Credential Exchange acts as a software "middleman" to make it easier for individuals to log into federal web sites using their own credentials obtained from an approved external service provider.

Among the agencies participating in the cloud credentialing effort is the U.S. Postal Service, which was selected as the service provider for a pilot program.

Kerber will oversee the exchange's pilot program that would likely be used by other federal agencies operating cloud-based public web sites where documents and forms are frequently downloaded. Among them are the Social Security Administration and the U.S. Internal Revenue Service.

The Federal Cloud Credential Exchange is part of the leading edge of FedRAMP efforts to move federal agencies to the cloud. A June 5 deadline for agencies to comply with federal cloud security standards came and went with several potential cloud vendors caught in an administrative bottleneck.

Cloud providers can gain security authorization either through GSA or individual government agencies. Both routes to approval have proven onerous.

Kerber will replace Katie Lewin, who retired earlier this year. David McClure, GSA associate administrator and cloud computing proponent, also retired from the agency in April.

While at the industry group TechAmerica Foundation, Kerber worked on a commission examining the U.S. government's transition to cloud computing. Among the panel's recommendations was a government-industry effort to develop "standard frameworks for securing, assessing, certifying and accrediting cloud solutions."

The commission's report also recommended an industry-led effort to develop an "identity management ecosystem" that would allow users to gain secure access to future government cloud services.

The Federal Cloud Credential Exchange to be headed by Kerber seeks in part of implement the commission's recommendation. The cloud commission noted in its report "that a more robust authentication system would facilitate the transition of a wider variety of workloads and interactions to cloud services."

The panel also recommended that government, industry, and academia develop a joint cloud computing research initiative that should include the National Science Foundation and the Defense Advanced Research Projects Agency.

About the author: George Leopold

George Leopold has written about science and technology for more than 30 years, focusing on electronics and aerospace technology. He previously served as executive editor of Electronic Engineering Times. Leopold is the author of "Calculated Risk: The Supersonic Life and Times of Gus Grissom" (Purdue University Press, 2016).

EnterpriseAI