CDT Expands Cloud Offerings to Include FedRAMP Moderate

The California Department of Technology is expanding its services to include FedRAMP Moderate Off-Premises Cloud services for Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). 

The new offerings were announced Friday and include IaaS and PaaS Commercial and Government Cloud services with Amazon Web Services (AWS) and Microsoft Azure, and IaaS Government Cloud with IBM. 

Deputy State CIO Chris Cruz told Techwire that CDT sought a way to expand FedRAMP Moderate so more state agencies and departments, as well as cities and counties, could make use of the service.

"We have rates that are really consistent and complementary, with volume discounts, Cruz said. The Department of General Services and CDT "have done good a job of negotiating."

Cruz said the significance for vendors is "huge." 

"These are contracts with infrastructure services," he said. "We’ve renewed with Microsoft and Amazon ... and we’ve brought in IBM. So now in addition to infrastructure and platform services, it also includes commercial cloud services." 

CDT's announcement says, "These services will be hosted at either the Amazon, Microsoft, or IBM Data Centers and offered through vendors and resellers, who will work in cooperation with CDT to provide quality service, at the lowest price available, in a timely and efficient manner."

Cruz added: "The significance is this brings us to a more common security posture in the state. … It gets us to some level of security standardization and also infrastructure standardization. It puts a strategy in place to potentially integrate our incident response mitigation." 

"This is just an extension of what we’re doing with our security posture and our cloud services. We’re driving a cloud adoption strategy in the state."

He added: "The next alignment will be developing what I call 'guiding principles' for our cloud adoption strategy. We should be publishing those within 30 to 60 days." 

He added that CDT's strategic outreach to the state's cities and counties over the past year has been driven by a desire to offer them the option of procuring these services more affordably. 

"They’re very interested in these services, based on my outreach to them and what we’ve done," Cruz said. "We anticipate adoption will go way up." 

According to FedRAMP.gov, "The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP enables Agencies to rapidly adapt from old, insecure legacy IT to mission-enabling, secure, and cost effective cloud-based IT." 

CDT's full announcement is posted here.