Symantec’s CASB, DLP Solutions Receive “In Process” Designation from FedRAMP

It can be difficult to overstate how much a Federal Risk and Authorization Management Program (FedRAMP) designation means for a security product. Last year alone, FedRAMP helped the government avoid spending an additional $170 million on cyber security. In total, FedRAMP authorized solutions currently cover one-third of the world’s internet traffic with providers, and protect more than five million digital assets.

“We’ve tried to continue to keep that bar high and enforce those things that are important to security,” FedRAMP Director Matt Goodrich recently said. “I think that’s one thing that’s continuing to make cloud get more and more adoption across the federal government. We’ve been able to show that many times, even with security, not only are you getting better services with cloud than what you’re getting with your own services – you’re getting better security many times as well.”

FedRAMP has become synonymous with security excellence, both inside and outside of the federal government.

That is why I am excited to announce that Symantec’s Cloud Access Security Broker (CASB) and Data Loss Prevention (DLP) solutions have received an “In Process” designation from FedRAMP, under sponsorship from the Department of Homeland Security.

CASB allows agencies to confidently leverage cloud applications and services while staying safe, secure and compliant. DLP offers a single console and unified policy management for every channel – cloud, endpoints, storage, email and web – to protect sensitive data wherever it is used.

While an “In Process” designation does not yet give us authorization, it is an important step along that process. The “In Process” standard shows that we are actively working on the documentation and controls required to achieve an authorization, and that an agency is reviewing that documentation with the intent to provide an Authority to Operate (ATO).

More than anything, though, this announcement confirms Symantec’s commitment to the federal government. The FedRAMP authorization process is meant to validate security controls, to ensure that an industry solution is hardened enough to work in a government environment. The federal government has some of the highest standards for cloud solutions of any organization in the world. As a trusted partner and advisor to the government, taking part in the FedRAMP program shows how seriously we take our relationship with our federal customers, and the investments we are making in that regard.

Agencies face some of the most difficult security challenges, including protecting the country’s most sensitive information. Earlier this year, Symantec’s Email Security Service – Government received FedRAMP authorization, and we have a roadmap established for our other cloud capabilities to go through the process. Please keep an eye out for other announcements as we continue to push towards a full suite of FedRAMP authorized solutions.