IBM, Adobe Gain FedRAMP Approval for Cloud Services

IBM announced federal security authorization for its MaaS360 platform and Adobe gained FedRAMP certification for two of its cloud solutions.

cloud apps

IBM and Adobe this week both announced receiving government stamps of approval for their clouds, in the form of FedRAMP authorization for products and services they provide to the U.S. federal government.

IBM announced that its cloud-based MaaS360 platform is the first Enterprise Mobility Management solution to receive a Provisional Authorization to Operate (P-ATO) from the Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board (JAB). Adobe received FedRAMP authorization for Adobe Experience Manager and Adobe Connect.

FedRAMP is a government program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services. This framework saves time and staff required to conduct redundant agency security assessments. According to @FedRAMP, in the past six months, the program has saved the government $70 million and increased cloud usage by 41 percent.

IBM's MaaS360 is used by more than 50 federal organizations, including the General Services Administration, the Department of Commerce and the Department of the Interior to securely enable their mobile technology, and can now be used across all agencies with this new certification.

"Having met all the stringent security requirements of the FedRAMP Joint Authorization Board, comprised of the CIOs of the Department of Defense, the Department of Homeland Security and the General Services Administration, MaaS360 from IBM is now a FedRAMP compliant cloud service able to be authorized for use across all federal agencies," said FedRAMP Director Matt Goodrich.

MaaS360 enables enterprises to monitor and control smartphones, tablets and PCs, including personally owned devices. The product also helps provide additional security through integration with IBM Security Access Manager for Identity Management and IBM Trusteer for Threat Management. The combination of these technologies provides mobile management and security across users, devices, apps, content and transactions, IBM said.

"Federal agencies are demanding secure mobility solutions to support their desire to transform business processes and improve services to citizens, the military and government workers," said Anne Altman, general manager of IBM Federal, in a statement. "The FedRAMP authorization recognizes IBM's commitment to delivering the best mobile management and security experiences to help our clients usher in a more mobile-centric era through the cloud."

With its new authorization, MaaS360 joins other FedRAMP compliant IBM cloud services, including the SoftLayer Federal cloud and SmartCloud for Government.

Meanwhile, with its certification, Adobe says it is the first FedRAMP cloud service provider to deliver Web content management, electronic forms with e-signatures, Web-conferencing, eLearning, and document rights management. These services are delivered in a hybrid cloud architecture with Software as a Service (SaaS) capabilities from Adobe Experience Manager and Adobe Connect. The Department of Health and Human Services sponsored Adobe's FedRAMP authorization.

"Adobe has met the compliance requirements of the FedRAMP program," said Frank Baitman, CIO of the U.S. Department of Health and Human Services, in a statement. "This authorization meets the varied business requirements of our operating divisions. It not only benefits these organizations within the department, but other government agencies are also able to more easily utilize this security documentation and assessment for their own information technology projects. The FedRAMP program is creating greater competition among cloud service providers. With each new company achieving an authorization to operate, the cloud is maturing and becoming a secure and viable solution for government agencies and companies alike."

FedRAMP has standardized the process for federal agencies to demonstrate compliance with the National Institute of Standards and Technology’s (NIST) NIST Special Publication 800-53—a rigorous set of controls to safeguard federal information systems.

"Security compliance is critically important in cloud services," said John Landwehr, vice president and CTO of Adobe’s public sector business unit. "This FedRAMP milestone demonstrates Adobe's capability to comply with the highest security requirements, while delivering engaging and efficient digital government solutions across devices."