Fed cloud contracts up 2x this year after red tape slashing
(2025/08/11)
- Reference: 1754944995
- News link: https://www.theregister.co.uk/2025/08/11/fedramp_government_cloud_software_approvals/
- Source link:
The US Government's process for certifying cloud services safe for official use has long been slow, but that's no longer the case. Approvals so far this fiscal year are more than double the total for all of FY 2024.
The General Services Administration has approved 114 cloud services for government use through its Federal Risk and Authorization Management Program (FedRAMP) in FY 2025, and the GSA is crediting this year's success to a Biden-era program, known as [1]FedRAMP 20x , designed to transform the government's cloud software approval process.
FedRAMP is a government-wide initiative that standardizes the security assessment and authorization of cloud services for government use. The program has been around since 2011, and a [2]2024 memo called for modernizing it to reduce the approval timeline and simplify the process. FedRAMP 20x is that initiative, which the GSA described as designed around "cutting documentation, enabling automation, and streamlining validation and decision-making."
[3]
That new automated process, for example, requires submissions for FedRAMP approval to have key security [4]indicators reported in a machine-readable format so that AI can analyze new filings [5]before they're reviewed by humans.
[6]
[7]
"These achievements come just one year after the Office of Management and Budget (OMB) issued Memorandum M-24-15, which called for bold action to modernize the government's cloud authorization process," GSA said in a [8]statement .
When the OMB penned that memo, cloud software approvals were still taking more than a year on average to complete, the GSA noted. As of today, "GSA has now reduced the time for authorizations to approximately five weeks," the agency said.
[9]
"FedRAMP 20x has allowed us to rethink the entire authorization model and prove that security and speed can coexist in the federal space," FedRAMP director Pete Waterman said in the GSA's statement.
So far so good, and FedRAMP 20x is still in the pilot phase - it's been accepting test submissions since May, and the window for new participants closes next week on August 19. Phase one has been exclusively testing cloud platforms for low-impact usage, which means it can only apply to low-security applications.
Phase two will involve testing for moderate-impact applications. In addition to testing the 20x system for higher-security uses, future pilot project work will also see GSA soliciting feedback from users to refine the new model. The GSA didn't respond to additional questions about 20x's success thus far.
One purchasing change Trump can't take credit for
The 20x program may be a Biden era initiative to change the procurement process by making FedRAMP approval simpler, but the Trump administration has plenty of other purchasing policy changes to take credit for.
[10]Three US agencies get failing grades for not following IT best practices
[11]UK government spends another £1B on cloud migration and services
[12]India gets its turn on the Trump tariff train: 25% levy to start Friday
[13]Governments cling to private cloud despite inexorable public cloud adoption
An early executive order [14]consolidated government IT purchasing under the GSA instead of allowing various agencies to handle their own IT purchases and transitioned the standard model of purchasing from one-off deals to "government-wide acquisition contracts" that allow various agencies to purchase necessary equipment without having to solicit bids and hash out contract terms for each and every new rack, server, and piece of enterprise software.
Such government-wide contracts have included new deals with companies like [15]Oracle , [16]AWS and [17]the big AI firms to provide discounted access to their services for government buyers. These also eliminate the need to do all the purchasing paperwork that agencies had to do before.
[18]
In addition to those actions, Trump has also [19]directed officials to overhaul the Federal Acquisition Regulation in order to eliminate anything not "required by statute or essential to sound procurement." The administration is also requiring a review of all open solicitations and awards, in order to [20]cut funding for government-made products and services and see if better commercial solutions exist. ®
Get our [21]Tech Resources
[1] https://www.fedramp.gov/20x/phase-one
[2] https://www.fedramp.gov/assets/resources/documents/FedRAMP_Policy_Memo.pdf
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/publicsector&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aJpn9tEybkErEIMKXX7W9QAAAQA&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[4] https://www.fedramp.gov/20x/standards
[5] https://www.fedramp.gov/20x/phase-one/#:~:text=The%2020xP1%20Authorization%20Process
[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/publicsector&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aJpn9tEybkErEIMKXX7W9QAAAQA&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/publicsector&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aJpn9tEybkErEIMKXX7W9QAAAQA&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[8] https://www.gsa.gov/about-us/newsroom/news-releases/gsa-celebrates-major-fedramp-milestones-08112025
[9] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/publicsector&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aJpn9tEybkErEIMKXX7W9QAAAQA&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[10] https://www.theregister.com/2025/08/05/epa_dhs_gsa_get_failing_grades/
[11] https://www.theregister.com/2024/12/03/uk_gov_cloud_services/
[12] https://www.theregister.com/2025/07/30/trump_tariffs_india/
[13] https://www.theregister.com/2025/04/04/public_sector_private_cloud/
[14] https://www.theregister.com/2025/03/21/trump_orders_it_contracts_consolidated/
[15] https://www.theregister.com/2025/07/08/gsa_oracle_deal/
[16] https://www.theregister.com/2025/08/07/gsa_signs_1b_deal_with_aws/
[17] https://www.theregister.com/2025/08/06/google_openai_anthropic_us_gov_ai_deal/
[18] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/publicsector&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aJpn9tEybkErEIMKXX7W9QAAAQA&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[19] http://whitehouse.gov/presidential-actions/2025/04/restoring-common-sense-to-federal-procurement/
[20] https://www.whitehouse.gov/presidential-actions/2025/04/ensuring-commercial-cost-effective-solutions-in-federal-contracts/
[21] https://whitepapers.theregister.com/
The General Services Administration has approved 114 cloud services for government use through its Federal Risk and Authorization Management Program (FedRAMP) in FY 2025, and the GSA is crediting this year's success to a Biden-era program, known as [1]FedRAMP 20x , designed to transform the government's cloud software approval process.
FedRAMP is a government-wide initiative that standardizes the security assessment and authorization of cloud services for government use. The program has been around since 2011, and a [2]2024 memo called for modernizing it to reduce the approval timeline and simplify the process. FedRAMP 20x is that initiative, which the GSA described as designed around "cutting documentation, enabling automation, and streamlining validation and decision-making."
[3]
That new automated process, for example, requires submissions for FedRAMP approval to have key security [4]indicators reported in a machine-readable format so that AI can analyze new filings [5]before they're reviewed by humans.
[6]
[7]
"These achievements come just one year after the Office of Management and Budget (OMB) issued Memorandum M-24-15, which called for bold action to modernize the government's cloud authorization process," GSA said in a [8]statement .
When the OMB penned that memo, cloud software approvals were still taking more than a year on average to complete, the GSA noted. As of today, "GSA has now reduced the time for authorizations to approximately five weeks," the agency said.
[9]
"FedRAMP 20x has allowed us to rethink the entire authorization model and prove that security and speed can coexist in the federal space," FedRAMP director Pete Waterman said in the GSA's statement.
So far so good, and FedRAMP 20x is still in the pilot phase - it's been accepting test submissions since May, and the window for new participants closes next week on August 19. Phase one has been exclusively testing cloud platforms for low-impact usage, which means it can only apply to low-security applications.
Phase two will involve testing for moderate-impact applications. In addition to testing the 20x system for higher-security uses, future pilot project work will also see GSA soliciting feedback from users to refine the new model. The GSA didn't respond to additional questions about 20x's success thus far.
One purchasing change Trump can't take credit for
The 20x program may be a Biden era initiative to change the procurement process by making FedRAMP approval simpler, but the Trump administration has plenty of other purchasing policy changes to take credit for.
[10]Three US agencies get failing grades for not following IT best practices
[11]UK government spends another £1B on cloud migration and services
[12]India gets its turn on the Trump tariff train: 25% levy to start Friday
[13]Governments cling to private cloud despite inexorable public cloud adoption
An early executive order [14]consolidated government IT purchasing under the GSA instead of allowing various agencies to handle their own IT purchases and transitioned the standard model of purchasing from one-off deals to "government-wide acquisition contracts" that allow various agencies to purchase necessary equipment without having to solicit bids and hash out contract terms for each and every new rack, server, and piece of enterprise software.
Such government-wide contracts have included new deals with companies like [15]Oracle , [16]AWS and [17]the big AI firms to provide discounted access to their services for government buyers. These also eliminate the need to do all the purchasing paperwork that agencies had to do before.
[18]
In addition to those actions, Trump has also [19]directed officials to overhaul the Federal Acquisition Regulation in order to eliminate anything not "required by statute or essential to sound procurement." The administration is also requiring a review of all open solicitations and awards, in order to [20]cut funding for government-made products and services and see if better commercial solutions exist. ®
Get our [21]Tech Resources
[1] https://www.fedramp.gov/20x/phase-one
[2] https://www.fedramp.gov/assets/resources/documents/FedRAMP_Policy_Memo.pdf
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/publicsector&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aJpn9tEybkErEIMKXX7W9QAAAQA&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[4] https://www.fedramp.gov/20x/standards
[5] https://www.fedramp.gov/20x/phase-one/#:~:text=The%2020xP1%20Authorization%20Process
[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/publicsector&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aJpn9tEybkErEIMKXX7W9QAAAQA&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/publicsector&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aJpn9tEybkErEIMKXX7W9QAAAQA&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[8] https://www.gsa.gov/about-us/newsroom/news-releases/gsa-celebrates-major-fedramp-milestones-08112025
[9] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/publicsector&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aJpn9tEybkErEIMKXX7W9QAAAQA&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[10] https://www.theregister.com/2025/08/05/epa_dhs_gsa_get_failing_grades/
[11] https://www.theregister.com/2024/12/03/uk_gov_cloud_services/
[12] https://www.theregister.com/2025/07/30/trump_tariffs_india/
[13] https://www.theregister.com/2025/04/04/public_sector_private_cloud/
[14] https://www.theregister.com/2025/03/21/trump_orders_it_contracts_consolidated/
[15] https://www.theregister.com/2025/07/08/gsa_oracle_deal/
[16] https://www.theregister.com/2025/08/07/gsa_signs_1b_deal_with_aws/
[17] https://www.theregister.com/2025/08/06/google_openai_anthropic_us_gov_ai_deal/
[18] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/publicsector&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aJpn9tEybkErEIMKXX7W9QAAAQA&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[19] http://whitehouse.gov/presidential-actions/2025/04/restoring-common-sense-to-federal-procurement/
[20] https://www.whitehouse.gov/presidential-actions/2025/04/ensuring-commercial-cost-effective-solutions-in-federal-contracts/
[21] https://whitepapers.theregister.com/