Esper, a leading provider of cloud-based policy software, today announced it has received Federal Risk and Authorization Management Program (FedRAMP) authorization for its policymaking platform.
FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment for cloud technologies and federal agencies.
The goal of the FedRAMP program is to:
- Grow the use of secure cloud technologies in use by government agencies
- Enhance the framework by which the government secures and authorizes cloud technologies
- Build and foster strong partnerships with FedRAMP stakeholders
As government agencies continue their migration from on-prem technology into the cloud, FedRAMP authorization ensures that Esper meets all federal cloud security guidelines at the Low Impact – Software as a Service (LI-SaaS) baseline.
Co-Founder and CTO, Esper
Esper joins only 271 other cloud-service providers (CSPs) that have achieved FedRAMP authorization.
Understanding the FedRAMP authorization process
Prior to Esper’s FedRAMP Authorized designation, the cloud offering was FedRAMP In Process, which indicates a federal agency’s intent to authorize.
Once the initial assessment was completed and the partnering agency granted an Authorization to Operate (ATO), FedRAMP conducted a review of the authorization package materials—as pictured above—to verify Esper’s security control implementations adhered to the FedRAMP LI-SaaS baseline requirements.
VP of Engineering, Esper
Esper approaches security and compliance activities as fundamental cornerstones of a government-ready product. This extends to all areas of Esper’s solution guiding every software, team and partnership decision. All vendor selections by Esper are required to adhere to FedRAMP or equivalent compliance guidelines. This includes using AWS as a cloud hosting provider, integration with FedRAMP Authorized system health tools and ongoing auditing with FedRAMP-recognized Third Party Assessment Organizations (3PAOs).
FedRAMP authorization is just the beginning for Esper. As the product line evolves, Esper will seek other relevant compliance to ease procurement for all types of industry. Through ongoing disclosure of past performance and audit results, Esper intends to promote confidence in the platform for all buyers and industries.
A trusted partner to governments
Esper’s secure, cloud-based policy software has been deployed by local, state and federal government agencies across the country.
The New Hampshire Department of Education deployed Esper in September 2021, allowing the department to securely draft, collaborate and manage all of their administrative rulemakings. Additionally, the Washington State Department of Health will leverage Esper’s cloud platform for all of their rulemaking processes and citizen engagement on policies.
Esper’s suite of policy workflow and management tools are purpose-built for government agencies across the United States. Their cloud-based, SaaS platform allows for data-driven research, collaborative policymaking and public-facing engagement on the policies that impact citizens and employees.