StateRAMP expands roster of participating states
More than a dozen more government organizations will be participating in the State Risk and Authorization Management Program, a shared service that certifies the security of cloud products and services.
StateRAMP, the nonprofit organization that validates the security posture of cloud service providers (CSPs) for state and local government, announced more than a dozen new government participants.
Modeled after the Federal Risk and Authorization Management Program, StateRAMP is designed as a shared service for government and a standardized, streamlined verification service for suppliers. State and local IT agencies can use its authorized product list to find cloud products that have achieved a security status.
Newly announced state, local and education organizations newly working with StateRAMP include:
- Arkansas - Administrative Office of the Courts
- Nebraska - Judicial Branch
- North Dakota
- West Virginia
- New York State Local Government IT Directors’ Association
- Sacramento County, California
- City of Chandler, Arizona
- Hillsborough County Sheriff’s Office, Florida
- Fayetteville State University, North Carolina
- University of North Carolina System
- K12 Security Information eXchange
These government organizations join 10 other states that have joined with StateRAMP since the organization began piloting with states and CSPs in early 2021.
The announcement of the latest government users follows news that the National Association of State Procurement Officials recently named StateRAMP a strategic partner. Together, StateRAMP and NASPO will work to help standardize and improve third-party cloud security.
Speaking at FCW’s Aug. 24 FedRAMP Summit, StateRAMP Executive Director Leah McGrath said states are determined to ensure that their products and vendors are secure and are looking for a more standardized approach to cloud procurement.
"Finding a way to speed up the [authorization] process is really critical, and it's part of what I think is driving the momentum we're seeing in state and local government,” she said.
“By focusing on cybersecurity risk management, StateRAMP addresses a key pain point for state and local public agencies—and the vendors and suppliers that serve them,” said Doug Levin, National Director, K12 Security Information eXchange, a nonprofit threat intelligence and best practices community for the K-12 education community and one of StateRAMP’s new participants. “With a grounding in the reality of state and local government operations—and by building on widely adopted best practices—StateRAMP is exactly the sort of smart innovation that the public sector needs and deserves,” he said in a statement.
“When there is a common problem, there is an opportunity for a shared solution. In cloud security, the shared solution is StateRAMP for all levels of government and the vendors who serve them.” StateRAMP Executive Director Leah McGrath said.
NEXT STORY: Telemedicine increases health equity for inmates