The Federal Risk and Authorization Management Program (FedRAMP) FAQ
Public sector customers, like private enterprises, must perform due diligence on any cloud-based solution to ensure that sensitive data is properly protected, while it’s outside of their direct control and that all other relevant security policies are met. In order to make this simple for U.S. federal agencies, the U.S. Office of Management and Budget created the Federal Risk and Authorization Management Program (FedRAMP).
FedRAMP is an assessment and authorization process which U.S. federal agencies use to ensure proper security controls are in place when accessing cloud computing products and services. FedRAMP provides a single, consistent process for validating cloud services across all U.S. federal agencies, which streamlines the procurement process for many public sector customers and ensures that consistent baseline security policies are used across different agencies.
Falcon on GovCloud-1, also referred to as GOV-1, is authorized to operate at Impact Level 4 (IL-4). This level of authorization is sufficient for a broad range of Department of Defense (DoD) and Defense Industrial Base (DIB) customers.
With the launch of GovCloud-2, CrowdStrike is proud to share that it has been granted DoD Impact Level 5 (IL-5) P-ATO and is committed to helping secure National Security Systems (NSS) and agencies and supporting organizations with controlled unclassified information (CUI) that requires this higher level of protection.
For more information:
Read the FedRAMP blog
Contact the CrowdStrike Public Sector Team at 1.888.512.8906 or email publicsector@crowdstrike.com
Download a white paper and learn why Endpoint Security Must Move to the Cloud