As far back as 2011 a presidential mandate said, “Records are the foundation of open government.” This mandate went on to say that accessible, readable public records supported the “principles of transparency, participation, and collaboration” in society, as well as a government’s march towards progress and efficiency.
It’s almost impossible to calculate the number of documents and records created by US federal agencies and departments every year. But much like measuring dark matter in the universe, we can estimate it by knowing what is visible versus what is hidden: The New York Times said in a 2023 article that “the federal government classifies more than 50 million documents a year.”
If only five percent of all memos, reports, rulings, and minutes are marked as ‘classified’ in some manner, it implies that government agencies and departments are producing more than a billion documents annually. A billion a year…. How are we to maintain our principles of “transparency, participation, and collaboration” in the face of that kind of scale?
Ripcord is the Silicon Valley-based company that’s changing the game in the $62 billion Intelligent Document Processing space with Document Intelligence as a Service™ (DIaaS). Ripcord’s cutting-edge platform uses advanced robotics, machine learning (ML), and artificial intelligence (AI) to digitize, ingest, classify, extract, and summarize data from both paper and digital records. This makes them accessible and actionable to enterprise users. Once digitized, Ripcord’s Canopy content platform offers secure document storage, powerful search and filtering features, and generative AI capabilities to help users understand their content, find answers to questions hidden in their documents by asking natural language questions, and extract data all with zero training.
This is clearly something federal agencies and departments need to streamline document management and processing. But when viewed in light of new regulations, this has gone from a nice to have item to an urgent one: The U.S. Office of Management and Budget recently issued guidance that requires federal agencies to manage and store all records digitally by the end of June 2024. And most just don’t have the technology to do this work at scale.
New legislation, however, adds to the degree of difficulty: in December of last year, the FedRAMP Authorization Act mandated that SaaS products used by the federal government be aligned with the Federal Risk and Authorization Management Program. This government-wide program accredits cloud services for consumption by U.S. Federal and DOD agencies, to ensure they are free of the vulnerabilities, misconfigurations and coding flaws that open the door to attacks like those perpetrated on Department of Health and Human Services, the Department of Energy and other unnamed agencies in June, and that are continuously monitored to operate in a safe and secure way. And as an article from Harvard Business Review says, FedRAMP accreditation is not for the faint-hearted: “To become FedRAMP certified, the prospective vendor… must undergo a rigorous third-party assessment by a FedRAMP-recognized Third Party Assessment Organization (3PAO). The 3PAO is responsible for ensuring … their software offering has met the security requirements outlined by the National Institute of Standards and Technology (NIST) guidelines.”
Make no mistake, FedRAMP is a substantial undertaking for a SaaS company’s development, security, and cloud teams. It generally requires new architecture, new frameworks, and an amazing degree of diligence. As the HBR article goes on to say, “The testing process is rigorous, as are the ongoing assessments. It can take anywhere from six months to two years to obtain your ATO (authority to operate).”
If the demand is NOW but the requirements are STEEP, how does a SaaS company like Ripcord energize the process, get it kick-started, and ensure long-term success?
Anitian is a continuous compliance automation company that specializes in empowering innovative SaaS products with FedRAMP-approved security platforms, practices, and tooling. Anitian’s Compliance Automation Platform uses code templates, pre-configured cloud technology and compliant-by-design architecture to not only help SaaS companies fast-track their FedRAMP process, but also maintain it for the long haul.
Todd Bailey, Ripcord’s VP of Public Sector GTM Strategy, knew the company needed a solution with both cutting-edge technology and Bonafide FedRAMP expertise to shorten the process and get their DIaaS offering in front of agency customers. “FedRAMP ATO is challenging to achieve for even the most established SaaS and PaaS players, but on top of FedRAMP’s technical demands and the concentrated services requirements, we’re also pursuing our own product vision and roadmap. By achieving FedRAMP, we’ll be able to offer our groundbreaking robotics, artificial intelligence, and machine learning technology to more agencies, fostering greater efficiency and productivity in government operations.”
From Anitian’s viewpoint, Ripcord isn’t simply a regular customer; they represent a pivotal validation point. CEO Rakesh Narasimhan thrives on the opportunity to introduce new technologies and advantages to federal buyers. He emphasizes, “Whenever we assist a pioneering company like Ripcord in streamlining, expediting, and automating their FedRAMP compliance journey, we contribute to the government’s digital transformation and modernization efforts. Moreover, as a cybersecurity company, we take pride in enhancing the security and resilience of federal systems and networks in the process.”
This FedRAMP engagement can act as a blueprint, showing how seemingly orthogonal initiatives – “Digitizing all records!” and “Securing our systems!” — can converge to amplify advantages, simplify endeavors, and achieve victories. Along the way, it can also demonstrate how private companies work together to deliver public sector successes.
That’s what makes this customer relationship especially worthwhile.
Returning to the presidential mandate we mentioned at the beginning of this post: “Well-managed records can be leveraged to evaluate program impacts, enhance business processes, and facilitate knowledge sharing throughout the government. Records safeguard the rights and interests of individuals and ensure accountability for officials’ actions. Permanent records chronicle our nation’s history.”
These principles underscore the exceptional value of this FedRAMP journey.