Will Your SAAS offering meet GSA's FedRAMP Security?

Bluedog successfully marketed our SAAS offering, Workbench "Always on the Job!" after being the *second* software-as-a-service on the GSA schedule 70 (behind Salesforce, of course). With the federal sector jumping on the "utility company" model for software over the internet, how agencies will consume these services is still "somewhat up in the air" (j/k). The General Services Administration (GSA) is accepting security certification applications from cloud computing vendors to provide software services and data storage through the cloud as part of its Federal Risk and Authorization Management Program. GSA recently issued a solicitation for cloud providers to apply for FedRAMP certification. The certification is available for both commercial and government entities. “The FedRAMP controls and processes create a standardized approach for agencies to leverage security assessments for cloud services. This ‘approve once, and use many’ approach will benefit [cloud service providers] by speeding the adoption of cloud services by agencies and reducing the cost and time required to conduct redundant, individual agency security assessments,” according to the solicitation, which provides instructions for applying for certification.