Jun 10, 2024
By Christopher Revell

What the FY25 NDAA’s ATO Proposal Means For Your Defense Agency

The proposed changes to the Authorization-to-Operate (ATO) process for cloud-based capabilities in the FY25 National Defense Authorization Act (NDAA) will have a significant impact on how Defense Agencies modernize their operations. The current ATO process is often a major roadblock to adopting cloud-based solutions within the Department of Defense (DoD), hindering agencies’ ability to leverage the agility, scalability, and cost-effectiveness cloud solutions offer.

Here’s how the proposed ATO changes can benefit Defense Agencies:

  • Reduced Time to Mission Critical Capabilities: The new policy’s emphasis on reciprocity of cybersecurity assessments could significantly speed up approvals for cloud-based solutions that have already been vetted by other DoD branches. This means that if a cloud service has already been approved by one military department, it won’t need to go through the entire process again, which can often take 12-15 months.
  • Streamlined Internal Processes: Creating a system for sharing documentation would eliminate the need for agencies to re-gather information for each ATO request. This translates to less administrative burden and frees up valuable resources within agencies.
  • Enhanced Collaboration: Increased transparency through shared documentation can foster better collaboration between agencies. With a clearer picture of existing assessments, agencies can leverage each other’s work and focus efforts on new deployments.
  • Focus on Innovation: By streamlining ATO, agencies can dedicate more time and resources to exploring and implementing cutting-edge cloud security solutions. This fosters a culture of innovation that benefits the entire DoD landscape.
  • Cost Savings: The current ATO process can be expensive, with agencies spending significant resources on documentation and assessments. The streamlining measures could lead to substantial cost savings for Defense Agencies.

By removing bureaucratic hurdles, the NDAA could empower agencies to leverage the full potential of cloud technologies, ultimately strengthening the DoD’s overall security posture. This is especially important when it comes to managing large-scale, cross-functional business operations, like facilities maintenance, space utilization, real estate and portfolio optimization, and capital planning and projects.

Nuvolo Connected Workplace was built to address these business activities and should be an easy choice for Defense Agencies when it comes to managing their facilities and assets. In addition to being a fully integrated workplace management system (IWMS) that has robust critical asset management functionality, it is built on the ServiceNow platform, which has obtained FedRAMP High Impact Authority to Operate with over 150 Agency ATOs to date and provisional DoD Impact Level 5 Authorization from the Joint Authorization Board. Nuvolo also serves various agencies, including the Defense Information Systems Agency (DISA), which means it will not require additional authorization to be deployed elsewhere.

The proposed changes to the ATO process in the FY25 NDAA offer a compelling opportunity for Defense Agencies to accelerate their cloud modernization journeys. Faster approvals, streamlined workflows, and improved collaboration all contribute to a more agile and efficient operating environment.

For agencies seeking a comprehensive IWMS solution built on a secure and pre-authorized platform, Nuvolo Connected Workplace stands out as a clear choice. With its proven track record within the DoD and its alignment with the proposed ATO streamlining measures, Nuvolo can empower agencies to streamline operations, optimize resources, and ultimately strengthen national security.

See how Nuvolo Connected Workplace can empower your agency to leverage the full potential of cloud technologies for facilities and asset management.