FedRAMP Government Certified Cloud Providers
Government agencies require secure, modern cloud solutions to achieve mission success. The Federal Risk and Authorization Management Program (FedRAMP) evaluates the security capabilities of cloud service providers to ensure unclassified federal information is protected.
FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services. Carahsoft helps Federal agencies identify and acquire secure solutions from our portfolio of FedRAMP certified cloud service providers (CSPs).
Carahsoft's FedRAMP Vendor Portfolio
Carahsoft offers FedRAMP cloud service offerings (CSOs) for three compliance designations and three impact levels. Impact levels are determined by the security risk posed by a CSO compromising the confidentiality, integrity and availability of critical agency information.
FedRAMP Authorized: A designation assigned to CSOs that have completed the FedRAMP authorization process through either a federal agency or the Joint Authorization Board (JAB)
FedRAMP In Process: A CSO that is working towards a FedRAMP authorization through either a federal agency or the Joint Authorization Board (JAB). Once a CSO becomes In Process, they are listed on the FedRAMP Marketplace.
FedRAMP Ready: A CSO following a Third-Party Assessment Organization (3PAO)’s attestation of security capabilities and a FedRAMP PMO approval of a Readiness Assessment Report (RAR).
High Impact Level: A security breach could result in severe or catastrophic negative effects on the agency or individuals. Typically appropriate for law enforcement, emergency services, military, financial or health systems.
Moderate Impact Level: A security breach could cause significant adverse effects, including financial harm to the agency or individuals.
Low Impact Level and LI-SaaS: A security breach could cause limited negative impact on an agency. Low Impact SaaS (LI-SaaS) is reserved for SaaS applications that do not store Personal Identifiable Information (PII).
Discover Carahsoft’s partner marketplace for FedRAMP certified cloud solutions.
All FedRAMP Vendors
Click into the CSPs in Carahsoft’s marketplace of FedRAMP vendors to discover how each CSO supports mission success for the Federal government. Each description includes the compliance designation and impact level of the solution.
FedRAMP is the Basis for DOD IL
For the Department of Defense (DoD) to leverage cloud service offerings they must follow the DoD Cloud Computing Security Requirements Guide (DoD CC SRG) set by the Defense Information Systems Agency (DISA). Carahsoft can help Defense agencies find DoD authorized Cloud Service Offerings (CSOs).
Carahsoft’s Portfolio of StateRAMP Authorized Solutions
FedRAMP’s success at the Federal level exposed the need for a similar program that could be utilized by state and local agencies. StateRAMP was created to allow state and local government to benefit from FedRAMP’s approach for standardizing cybersecurity requirements for IT solutions and enabling reauthorizations of security packages.
What is FedRAMP Compliance?
The FedRAMP Authorization Act, signed in December 2022 as part of the FY23 National Defense Authorization Act (NDAA), codifies the FedRAMP program as the authoritative security assessment and authorization baseline for cloud service offerings that process unclassified federal data. FedRAMP Compliance enables agencies to:
- Reuse assessments and authorizations to rapidly adopt cloud services
- Assure confidence in the security of cloud solutions
- Maintain consistent security certification standards for cloud solutions
- Preserve transparency between the federal government and CSP’s
How can my CSO become FedRAMP certified?
To work with the federal government, cloud service providers must achieve FedRAMP authorization for each cloud service offering. This ensures agencies maintain a high level of data protection that is standardized across the federal government. Federal officials look to the FedRAMP marketplace as the most reliable source when securing new cloud solutions. Learn how Carahsoft helps CSPs become FedRAMP authorized and build their federal customer base.
Education: Learn More About FedRAMP
FedRAMP Community Blog Trends
-
Why AppExchange Use Offers Agencies Untapped Opportunity
May 23rd, 2023
Learn how AppExchange helps organizations increase productivity, eliminate risk and save time from AppExchange leaders on the Carahsoft Blog.
- Tagged Conga, Contract Management, Data Protection, FedRAMP, FNN, FormAssembly, Innovation in Government, Multicloud, Nintex, Odaseva, Salesforce, WalkMe, workflow automation
-
Securing Containerized Applications in Government Agencies
May 18th, 2022
Understanding the unique cyber-risks of containers, along with the tools and strategies for mitigating them, can help your organization take advantage of their benefits while also keeping them secure.
- Tagged Container Applications, Cybersecurity, FedRAMP, SolarWinds, SolarWinds Containerized Applications, SolarWinds Security, U.S. Department of Agriculture, U.S. Department of Defense to the National Institutes of Health
-
Federal News Network Expert Edition: FedRAMP
April 19th, 2021
Read the latest insights on the future of FedRAMP from Carahsoft’s technology partners and leaders at FedRAMP, CISA, NIST, GSA, DoD and DHS.
- Tagged Adobe, Collibra, COVID-19, Federal News Network, FedRAMP, FNN, Hootsuite, IIG, Innovation in Government, okta, Salesforce
-
A New Option for Agencies and Providers: StateRAMP
March 8th, 2021
Learn about StateRAMP's goal to create a framework for continuous improvement in cybersecurity for governments and providers on Carahsoft's Community Blog.
- Tagged Cybersecurity Solutions, Federal Risk and Authorization Management Program, FedRAMP, State and Local Government, State Risk and Authorization Management Program, StateRAMP
-
Improving the User Experience by Integrating Security
January 29th, 2021
Okta's Chris Niggel talks the importance of choosing the right security solutions, keeping users engaged and where agencies will focus their efforts in the future.
- Tagged CMMC, FedRAMP, GovForward Multicloud Series, okta, Okta Security Solutions, Security Solutions, User Experience, UX
-
How Government Agencies Can Get the Most Out of the Cloud
January 15th, 2021
Learn about how to efficiently move to the cloud and what it can do for you from Servicenow's Hayri Tarhan on the Carahsoft Community Blog.
- Tagged Cloud Smart, Cloud Strategy, Cloud Technology, FedRAMP, GovForward Multicloud Series, ServiceNow
-
The Advantages of a Risk-Based Approach to Security in Government
January 8th, 2021
Salesforce's Matt Goodrich discusses FedRAMP's risk-based approach to cybersecurity and its benefits on the Carahsoft Community Blog.
- Tagged Cybersecurity, FedRAMP, GovForward Multicloud Series, Risk-Based Approach, Salesforce, Security in Government
-
Cloud’s Burning Questions: Hybrid, Multicloud, Emerging Tech, and More
December 29th, 2020
Red Hat's David Egts explains why moving to the cloud and embracing open source can help agencies achieve success on the Carahsoft Community Blog.
- Tagged Cloud Smart, Cloud Strategy, COVID-19, FedRAMP, GovForward Multicloud Series, Hybrid Cloud, Multicloud, Open Source, Red Hat
-
Streamlining FedRAMP Compliance With Automation
December 16th, 2020
Follow subject matter experts from Anitian, AWS, and A-LIGN as they discuss navigating a FedRAMP authorization journey on the Carahsoft Community Blog.
- Tagged A-LIGN, Anitian, AWS, Cloud Computing, Federal Risk and Authorization Management Program, FedRAMP, FedRAMP compliance, FedRAMP experts, FedRAMP process
Upcoming FedRAMP Events
Webcast
 |
FEDRAMP EVENT 
October 31, 2023
2:00 PM ET
|
> |
|
Event
 |
FEDRAMP EVENT
Hosted By: NCSI & Dynatrace
December 12, 2023
8:00 AM PT
|
> |
Resources
Latest FedRAMP News
 |
FEDRAMP NEWS
August 02, 2023
Collabware, a leading provider of data protection and records management software, today announced that their cloud solution, Collabspace, received FedRAMP® JAB Provisional Authority to Operate (P-ATO) by the Joint Authorization Board (JAB) of the U.S. Federal Risk and Authorization Management Program (FedRAMP). It is a distinction in the vendor security testing program so government agencies can leverage the JAB P-ATO appraisal to fast-track procurement, cloud systems deployment and operational usage. |
> |
 |
FEDRAMP NEWS
July 25, 2023
Read about the following Cloud Service Providers (CSPs), which have been selected to work with the Joint Authorization Board (JAB) for a Provisional Authority to Operate (P-ATO) from our latest round of FedRAMP Connect. |
> |