Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Keeper Security Completes Authorization Meeting FedRAMP® Revision 5 Controls

October 2024 by Marc Jacob

Keeper Security announces that it has successfully completed the transition to Revision 5 Federal Risk and Authorization Management Program (FedRAMP®) security controls baseline. Based on a security assessment and the Federal Information Processing Standard (FIPS) security categorization of Moderate, Keeper’s sponsor organization, Millennium Challenge Corporation (MCC), has determined that Keeper Security Government Cloud (KSGC) meets the information security requirements and is granted an Authority to Operate (ATO).

This accomplishment builds on Keeper’s announcement that it achieved FedRAMP Authorization at the Moderate Impact Level for KSGC in August 2022, as well as StateRAMP Authorization in December 2022, continuously meeting and maintaining the strict requirements ever since. These highly sought-after and difficult-to-attain designations set KSGC apart from its competitors as the best-in-class zero-trust and zero-knowledge cybersecurity solution for government agencies to protect their privileged access, passwords, data, secrets, and remote connections. KSGC is hosted in AWS GovCloud (US), designed to host sensitive data and regulated workloads, and to address the most stringent U.S. government security and compliance requirements.

To receive FedRAMP Rev 5 Authorization, organizations must implement controls from 18 different control families that originate from the National Institute of Standards and Technology Special Publication 800-53. This alone can take organizations months or years, depending on the complexity of the system.

Below are a few quotes from Keeper Security leadership team about reaching Revision 5 controls for FedRAMP authorization at the moderate impact level:

"Meeting FedRAMP’s Revision 5 controls underscores our commitment to providing the highest standards of security and compliance to both our federal customers, as well as our broader global customer base,” said Darren Guccione, CEO and Co-founder, Keeper Security. “This accomplishment not only reflects our dedication to safeguarding data but also solidifies our position as a trusted partner in the federal space, ensuring that our solutions meet the most rigorous standards to protect against evolving cyber threats."

“With government and critical infrastructure facing more cyber attacks than ever before, these controls are critical in addressing the evolving threat landscape,” said Patrick Tiquet, VP of Security and Compliance, Keeper Security. “Ensuring that we not only meet but exceed FedRAMP’s stringent security requirements is a testament to our commitment to protect the most sensitive data of our federal agencies and the American public.”

"Achieving FedRAMP Moderate for our cloud-native solution reflects our dedication to ensuring the highest data security and compliance levels, especially for federal agencies handling sensitive information,” said Paul Aronhime, SVP of Federal Sector, Keeper Security. “It emphasizes our commitment to working with the federal government and is a necessary step as we move to FedRAMP High. It enhances trust and accountability and demonstrates a strong commitment to protecting national security."

The FedRAMP Authorized KSGC follows a White House Executive Order mandating zero-trust architecture and strong encryption, along with a draft memorandum by the Office of Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA) mandating that all federal agencies adopt a zero-trust security architecture by 2024. The memorandum specifically calls out password security requirements that KSGC facilitates, including strong password policies and the ability to compare user passwords against weak and breached data.

KSGC zero-trust privileged access manager maintains the Keeper Security zero-trust security framework alongside a zero-knowledge security architecture, so users have complete knowledge, management and control over credentials and encryption keys. It provides a human-centric cybersecurity solution to safeguard against ransomware attacks, provide powerful security insights, as well as robust compliance and reporting with support for RBAC, 2FA, FIPS 140-2 encryption, HIPAA, FINRA, SOC, ITAR and more.

Keeper serves tens of thousands of business customers around the globe, including major federal agencies such as the Department of Justice, Department of Energy, Department of the Interior, United States Secret Service, Department of Transportation and National Aeronautics and Space Administration.


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts