Back to Top

 

State and local government agencies must verify the cybersecurity posture of their cloud solution providers (CSPs) to protect critical data, systems, and infrastructure from ransomware attacks. StateRAMP creates standardized security requirements to help agencies manage supplier risk and authenticate cloud security solutions.

StateRAMP is a non-profit organization that serves state and local governments by evaluating technology contractors through verification, continuous monitoring and reporting. StateRAMP verifies vendor security through independent audits from third party assessment organizations (3PAOs).











Authorized StateRAMP Products and Solutions Portfolio

StateRAMP connects agencies with secure IT service providers offering IaaS, PaaS, and SaaS technologies. Carahsoft provides cloud service offerings (CSOs) for StateRAMP’s three verification levels:

StateRAMP AuthorizedStateRAMP Authorized: Satisfy all requirements and has a government sponsor.

StateRAMP ActiveStateRAMP Active: Working towards Ready status.

StateRAMP In ProcessStateRAMP In Process: Working towards Authorized status.

StateRAMP PendingStateRAMP Pending: Currently being reviewed by the StateRAMP PMO and awaiting a determination for a verified status.

StateRAMP ReadyStateRAMP Ready: Meets minimum requirements.

FedRAMP Icon Library - Blue_Progressing, Snapshot.pngStateRAMP Progressing, Snapshot: Security maturity assessment for cloud products to validate a product's current maturity in relation to meeting the Minimum Mandatory Requirements for StateRAMP Ready.

Explore Carahsoft’s portfolio of StateRAMP approved solutions below.

  • Infrastructure-as-a-Service
  • Platform-as-a-Service
  • Software-as-a-Service

All StateRAMP Vendors


What Governments are Leveraging StateRAMP?

 

Currently, StateRAMP is active in 19 states, 4 local governments, and 2 higher education institutions. Explore the interactive map below to discover which agencies are participating in StateRAMP.

 

AL AK AZ AR CA CO CT DE FL GA HI ID IL IN IA KS KY LA ME MD MA MI MN MS MO MT NE NV NH NJ NM NY NC ND OH OK OR PA RI SC SD TN TX UT VT VA WA WV WI WY DC
State Description
Arizona
  • State of Arizona
  • City of Chandler
Arkansas
  • Administrative Office of the Courts (Judicial Branch)
California
  • State of California
  • Sacramento County
Colorado
  • State of Colorado
Florida
  • State of Florida
  • Hillsborough County Sheriff's Office
Georgia
  • State of Georgia
Maine
  • State of Maine
Massachusetts
  • Commonwealth of Massachusetts
Michigan
  • State of Michigan
Nebraska
  • State of Nebraska
New Hampshire
  • State of New Hampshire
New York
  • State Local Government Information Technology Directors' Association
North Carolina
  • Fayetteville State University
  • University of North Carolina System
  • State of North Carolina
North Dakota
  • State of North Dakota
Oklahoma
  • State of Oklahoma
Texas
  • State of Texas
Vermont
  • State of Vermont
West Virginia
  • State of West Virginia
Minnesota
  • State of Minnesota
Nevada
  • State of Nevada




How can my CSO become StateRAMP certified?

By becoming StateRAMP authorized, your organization can market and sell to state and local governments more effectively. Explore our partner page and connect with a Carahsoft expert to learn more about StateRAMP requirements and how your organization can become certified.

Which Education Institutions are Working with StateRAMP?

Education organizations are using StateRAMP to establish security standards for their cloud solutions. Higher Education institutions working with StateRAMP include Fayetteville State University, NC and the University of North Carolina System. Additionally, StateRAMP partners with the non-profit K12 Security Information eXchange (K12 SIX) to deliver cybersecurity best practices for K-12 schools.


Blogs



Resources