North Carolina partners with nonprofit GovRamp to improve cloud software security across state agencies
North Carolina is tightening up how it protects government data stored in the cloud, partnering with GovRAMP, a nonprofit organization that helps standardize cloud security for government procurement. The goal is to make sure companies that sell cloud software to the state meet the same security standards.
North Carolina’s Department of Information Technology announced the new partnership Wednesday as part of a broader push to modernize state technology and lower the risk of cyberattacks. Starting in April, cloud vendors working with executive branch agencies will need to meet GovRAMP’s security requirements. The department also plans to make it easier and faster for agencies to buy secure technology, onboard vendors and launch new online services for residents.
“This is about more than compliance. It’s about trust and progress,” NCDIT secretary and state chief information officer Teena Piccione said in a statement about the partnership. “The public expects secure, reliable services. By adopting a consistent approach, we’re not only protecting the state’s digital assets, but we are empowering agencies to more quickly deliver online services for North Carolinians.”
GovRAMP acts like a security seal of approval. It provides state agencies with a cybersecurity framework, based on recommendations by the National Institute of Standards and Technology, and checks whether cloud companies follow strong cybersecurity practices, including independent audits and ongoing monitoring.
State leaders, like Bernice Russell-Bond, North Carolina’s chief information security officer, said the partnership will better protect sensitive information from threats like data breaches and ransomware.
“Cybersecurity is a shared responsibility,” Russell-Bond said Wednesday. “This partnership builds a stronger foundation for resilience and trust, creating an environment where technology can thrive securely and efficiently.”
With this partnership, North Carolina joins more than 23 states — including Arizona, California, Florida, Georgia, Michigan, Texas and Utah — that already use or recognize the nonprofit’s approach to help evaluate cloud providers.
