Yesterday, GitHub announced that its Business Cloud is now FedRAMP (Federal Risk and Authorization Management Program) authorized. This is to support the US government’s recent efforts to streamline the security review and authorization for certain software tools.
GitHub is being used by Governments around the world to build software, shape policy, and share information with constituents. With the FedRAMP initiative, users can continue to use GitHub with the confidence that the platform meets the low impact software-as-a-service (SaaS) baseline of security standards set by the US federal government partners.
What does being FedRAMP authorized mean?
FedRAMP, a supporting body of the US General Services Administration (GSA), standardizes security assessment, authorization, and continuous monitoring of cloud products and services by federal agencies. It offers a single authorization process, speeding up the government’s adoption of cloud services so that the agencies do not have to individually authorize cloud service offerings.
The team at GSA recognized an opportunity to fine-tune FedRAMP specifically for software-as-a-service (SaaS) providers. This allows GitHub to provide feedback as they created the new FedRAMP Tailored framework. GitHub has completed the assessment phase and its Business Cloud has secured the FedRAMP tailored authorization.
Enhancements for the GitHub community
At present GitHub has thousands of active government users post the GSA made their initial commit in the year 2013. The New York Senate was the first government organization to post code to GitHub in 2009.
Agencies use GitHub to develop software, collaborate with the public on open source, publish data sets, solicit input on policies, and more.
The tailored framework lowers the barrier to entry for cloud software providers interested in securing FedRAMP Authorization. The new framework controls will help SaaS providers to meet government security standards more efficiently. This makes it easier for federal, state, and local government agencies to use the development tools they need to do their best work.
With GitHub’s FedRAMP Authorized service, agencies can:
- Secure collaboration in the cloud
- Foster innovation and continuous testing of new ideas
- Modernize the way you build software
These services are not restricted to government agencies. Everyone in the GitHub community can benefit from these security and privacy enhancements.