The more people you have to go through to get approval for an IT project, the less likely it is to happen, so when Amazon announces another security certification it's not just about compliance, it's about releasing pent-up cloud demand. With the company's announcement on Tuesday that both its US West and East data center hubs, …
FedRAMP certification, a bunch of forms you fill in, that contribute nothing what-so-ever to cybersecurity ..
Not quite that bad
But how much less I haven't dug into. The description at the FedRAMP site says there's actually a third-party assessment of the service. Unfortunately, it's not a Federal third party, so watch out for winks and nudges.
They also claim there's an ongoing reassessment process, but unless failing to have a retest carries the same consequences as failing one, the budget for continuing oversight will be right up there with the budget for highway maintenance.