The White House is set to release final guidance for modernizing the Federal Risk and Authorization Management Program (FedRAMP). The guidance aims to reform the cloud security authorization program by focusing on rigorous reviews, quick mitigation of security weaknesses, and establishing an automated process for security assessments. Agencies and the General Services Administration (GSA) have specific timelines for updating policies and processes to align with the guidance. The modernization of FedRAMP is seen as a catalyst for governmentwide digital transformation and IT modernization.
A federal court ruled that U.S. border agents cannot search visitors’ cellphones, including U.S. citizens, without a warrant in the Eastern District of New York. This decision follows a case involving Kurbonali Sultanov, whose phone was searched without a warrant at JFK Airport. Civil liberties groups supported the ruling, emphasizing that warrantless searches violate privacy rights protected by the First and Fourth Amendments. The court acknowledged the agents acted in good faith but affirmed the need for warrants in such searches.
And a quick update: Apple has agreed to adopt voluntary AI safeguards established by President Biden’s administration, joining other major companies like OpenAI, Amazon, Alphabet, Meta, and Microsoft in testing their AI systems for discrimination, security flaws, and national security risks.
Why do we care?
FedRAMP quietly influences more than most IT services companies know. With the changes in CMMC 2.0, many customers and their MSPs will need to remain compliant with the federal government, and many solutions won’t make the cut. See my bonus episodes about CMMC if you aren’t up to speed.
Warrants for searches are established precedents, and it is good to see them reaffirmed.

