I'd like to think that my government team is trying to approach this the right way.
I work on a small team of about 12 within 18F (part of the General Services Administration). We are creating cloud.gov, a Platform as a Service (think Heroku, Google App Engine, IBM Bluemix) for the Federal Government. The key is to remove the government compliance burden from federal government development teams while also making modern technology accessible and understandable.
We come from private sector for a two year civil service. We are super lean and all of our work is open source (github.com/18F).
Note that cloud.gov is only seeking certification for FISMA Moderate impact level, so a lot of DoD systems (such as anything classified) cannot be hosted on our PaaS.
I work on a small team of about 12 within 18F (part of the General Services Administration). We are creating cloud.gov, a Platform as a Service (think Heroku, Google App Engine, IBM Bluemix) for the Federal Government. The key is to remove the government compliance burden from federal government development teams while also making modern technology accessible and understandable.
We come from private sector for a two year civil service. We are super lean and all of our work is open source (github.com/18F).
Note that cloud.gov is only seeking certification for FISMA Moderate impact level, so a lot of DoD systems (such as anything classified) cannot be hosted on our PaaS.