Esper achieves FedRAMP authorization

As government agencies continue their migration from on-prem technology into the cloud, FedRAMP authorization ensures that Esper meets all federal cloud security guidelines at the Low Impact – Software as a Service (LI-SaaS) baseline.

“This is a monumental step for Esper. Our FedRAMP authorization allows federal agencies to securely procure and implement Esper’s cloud-based policy software to modernize their mission-critical work. Additionally, local and state governments are looking towards FedRAMP’s standards to improve their cloud security. This allows us to implement federal best practices for cloud security across every agency we work with.”

Lilli Oetting

Co-Founder and CTO, Esper

Esper joins only 271 other cloud-service providers (CSPs) that have achieved FedRAMP authorization.

Understanding the FedRAMP authorization process

Prior to Esper’s FedRAMP Authorized designation, the cloud offering was FedRAMP In Process, which indicates a federal agency’s intent to authorize.

Once the initial assessment was completed and the partnering agency granted an Authorization to Operate (ATO), FedRAMP conducted a review of the authorization package materials—as pictured above—to verify Esper’s security control implementations adhered to the FedRAMP LI-SaaS baseline requirements.

“The FedRAMP program ensures software providers meet an appropriate standard of business continuity and security for government agencies to procure modern tools with confidence as they relate to ongoing operations.”

Chris Dunn

VP of Engineering, Esper

Security-first playbook 

Esper approaches security and compliance activities as fundamental cornerstones of a government-ready product. This extends to all areas of Esper’s solution guiding every software, team and partnership decision. All vendor selections by Esper are required to adhere to FedRAMP or equivalent compliance guidelines. This includes using AWS as a cloud hosting provider, integration with FedRAMP Authorized system health tools and ongoing auditing with FedRAMP-recognized Third Party Assessment Organizations (3PAOs).

FedRAMP authorization is just the beginning for Esper. As the product line evolves, Esper will seek other relevant compliance to ease procurement for all types of industry. Through ongoing disclosure of past performance and audit results, Esper intends to promote confidence in the platform for all buyers and industries.

A trusted partner to governments

Esper’s secure, cloud-based policy software has been deployed by local, state and federal government agencies across the country.

The New Hampshire Department of Education deployed Esper in September 2021, allowing the department to securely draft, collaborate and manage all of their administrative rulemakings. Additionally, the Washington State Department of Health will leverage Esper’s cloud platform for all of their rulemaking processes and citizen engagement on policies.

ABOUT ESPER

Esper’s suite of policy workflow and management tools are purpose-built for government agencies across the United States. Their cloud-based, SaaS platform allows for data-driven research, collaborative policymaking and public-facing engagement on the policies that impact citizens and employees.