FedRAMP Compliant File Sharing for Federal Agencies
Update:
The Kiteworks (formerly Accellion) platform became FedRAMP-Authorized in June 2017. To learn more about Kiteworks and FedRAMP compliant file sharing, please visit our FedRAMP page.
The Kiteworks secure file sharing and governance platform has received “In Process” certification from the Federal Government. FedRAMP compliant file sharing is a necessity for federal agencies and the contractors who work for federal agencies.
FedRAMP Complaint File Sharing: Why It Matters
What is FedRAMP? It’s a rigorous security assessment and authorization framework developed by cybersecurity and cloud experts from many government agencies, including the General Services Administration (GSA), National Institute of Standards and Technology (NIST), Department of Homeland Security (DHS), Department of Defense (DOD), National Security Agency (NSA), Office of Management and Budget (OMB), the Federal Chief Information Officer (CIO), and Council and its working groups, as well as private industry.
The goal of FedRAMP is to help the government quickly, rigorously, and consistently assess the security of cloud solutions for use by federal agencies. Assessments include in-depth examinations of a solution’s data security and data governance capabilities, as well as the security practices of the companies providing the cloud services.
With FedRAMP compliant file sharing, U.S. federal agencies will have validation that the Kiteworks platform is a superior secure file sharing and governance solution that enables their employees to securely access and transfer sensitive government documents. Federal employees can be confident that their daily communications are protected by FedRAMP compliant file sharing.
Kiteworks has completed all the preparatory steps and is currently in the independent testing phase, having engaged a 3rd Party Assessment Organization (3PAO). Kiteworks is working with its sponsoring agency to coordinate this progress with the FedRAMP Program Management Office (PMO).
Once certified, the Kiteworks FedRAMP (GovCloud) package will be available in isolated environments on Amazon Cloud. With FedRAMP compliant file sharing, Kiteworks customers receive:
- Separate customer virtual private cloud (VPC) for all processing
- Dedicated servers
- Data isolated from all other customers
- Encrypted file storage and transfer
- Remote wipe for all mobile clients
- Reporting and audit trails
- Continuous monitoring for intrusions and other threats
In addition to FedRAMP compliant file sharing, the Kiteworks platform has received FIPS 140-2 certification for government agencies and is deployed at NASA and SEC.
To learn more about how Kiteworks enables secure and FedRAMP compliant file sharing for government agencies, schedule a custom demo of Kiteworks today.
Frequently Asked Questions
Regulatory compliance refers to the adherence to laws, regulations, guidelines, and specifications relevant to an organization’s business processes. Compliance is crucial for maintaining the company’s reputation, avoiding legal penalties, and ensuring the safety and security of operations.
Regulatory compliance affects different industries in various ways, depending on the specific regulations applicable to each industry. For instance, healthcare organizations must comply with regulations like HIPAA that protect patient data, while financial institutions must adhere to regulations like the PCI DSS that aim to prevent financial crises. Department of Defense contractors must comply with CMMC. Non-compliance can result in severe penalties, including fines and reputational damage.
Some common challenges include keeping up with changing regulations, managing and securing data, training employees on compliance requirements, and allocating sufficient resources for compliance activities. Additionally, global organizations may face the added complexity of complying with regulations in multiple jurisdictions.
Organizations can demonstrate their compliance with regulations through various means, such as maintaining comprehensive documentation of their compliance activities, conducting regular audits, and providing training records. In addition, some regulations may require organizations to submit regular reports or undergo external audits to demonstrate their compliance.
Data encryption plays a crucial role in regulatory compliance as it helps protect sensitive data from unauthorized access. Many regulations require organizations to implement appropriate security measures, including encryption, to safeguard data. By encrypting data, organizations can ensure its confidentiality and integrity, thereby helping to maintain compliance.
Additional Resources
- Blog Post Managed File Transfer
- Blog Post What is Online Secure File Sharing?
- Blog Post What is the Difference between Traditional And Enterprise File Sharing?
- Blog Post Secure Business File Sharing
- Blog Post What is Citrix ShareFile Support?