FedRAMP SaaS-Level Compliant Clouds
Project Hosts is a recognized Cloud Services Provider (CSP) and leader in delivering FedRAMP SaaS-level compliant cloud solutions for U.S. government agencies. We have been hosting cloud-based software solutions for more than a decade, serving thousands of government agencies, global enterprises and medium-sized businesses.
We offer FedRAMP solutions that are SaaS-level compliant with an Agency ATO and support 100% of the security controls required to meet this standard.
Our Federal Private Cloud for Windows and Linux Applications (FPC) provides cloud-based access to Microsoft applications including SharePoint, Project Server, Dynamics CRM, Power BI, Visual Studio, TFS, Remote Desktop, and Office; applications from other commercial software vendors such as AvePoint, BrightWork, Gimmal, Innovative-e, Nintex, UMT360, and Urban Turtle; and open source applications such as Drupal, WordPress and Joomla for agency website content management. A hybrid cloud architecture allows agencies to leverage shared services for some functions (e.g. authentication, monitoring, scanning) while still having the option to choose dedicated servers for applications and databases. The option for dedicated virtual or physical servers allows agencies to meet compliance requirements and also provides them with greater flexibility to implement customizations to meet their functional requirements.
"Project Hosts is the first Cloud Service Provider to have demonstrated compliance with the rev4 FedRAMP baseline," said Matt Goodrich, FedRAMP Director, GSA. "Through the CSP supplied path, Project Hosts' environment was assessed by a FedRAMP-accredited 3APO confirming the completion of the FedRAMP Security Assessment Framework, paving the way for Project Hosts' customer to grant their Agency ATOs."
We also have an ISV FedRAMP Program that is sponsored by the Microsoft Azure Team and a Salesforce ISV FedRAMP program. These program enable ISVs to deliver their apps in a FedRAMP SaaS-level compliant cloud on Azure Gov in order to sell to federal and state agencies. It fast-tracks ISVs into Azure Gov, enables ISVs to sell their applications to federal and state agencies, and helps build an eco-system of government applications on the Azure Gov platform.
Federal and state government agencies can procure Project Hosts FedRAMP SaaS-level compliant solutions directly from the GSA Schedule listing of Federal Private Clouds.
The following Microsoft-based applications and solutions are now available from Project Hosts in FedRAMP SaaS Compliant Private and Community Clouds. For quick descriptions and links for these applications, following this link: FedRAMP ISVs and Apps.
FedRAMP SaaS-Level Compliant Solutions available in Project Hosts' Federal Private Cloud:
- AvePoint - SharePoint Governance compliant and management
- BrightWork - Project & Portfolio Management on SharePoint
- Drawloop - Salesforce Document Generation
- Drupal - Website Content Management System
- Dynamics CRM (MSFT) - Advanced Customer Relationship Management
- Gimmal - SharePoint Information Governance Solutions
- Innovative-e - Project Management on Your Terms (PMOYT)
- Joomla! - Website Content Management System
- Nintex - Workflow Automation Solution for SharePoint
- ProjectServer (MSFT) - Industry Leading Project and Portfolio Management Solution
- Remote (virtual) Desktop (MSFT) - Eliminate Security Risks with Zero Local Data
- SharePoint (MSFT) - Advanced Collaboration and Documentation Management
- Team Foundation Server (MSFT) - Website Content Management System
- UMT360 - Enterprise Portfolio Management Solutions
- Urban Turtle - Advanced SW Development and Collaboration Platform
- WordPress - Website Content Management System
"By achieving FedRAMP compliance at the SaaS level for Microsoft SharePoint, Project, TFS and CRM, we are removing a huge IT burden and expense for any government agency considering building their own FedRAMP or FISMA compliant deployment," said Scott Chapman, CEO and Co-Founder of Project Hosts, Inc. "FedRAMP SaaS compliance at the Moderate impact level means that we have fully implemented all of the 326 unique security controls required to achieve this standard, unlike IaaS FedRAMP certified platforms which only fully implement around 70 controls, leaving it up to each agency to implement the remaining 78% of the security controls."
In addition to providing FedRAMP SaaS Solutions for agencies in need of Private or Community Clouds, Project Hosts offers programs to assist ISVs and Agencies implement and achieve their own FedRAMP compliant offerings. Our FedRAMP Agency Authorization Program is targeted to U.S. Government Agencies who want to deploy and manage their own FedRAMP-approved Cloud Solutions. By partnering with Project Hosts, agencies can get their own "Authority To Operate" credentials. Our FedRAMP Solution Authorization Program is for ISVs and Cloud Service Providers (CSPs), who partner with Project Hosts to get their specific Application Solution compliant with FedRAMP Authority to Operate (ATO) standards.
FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services. The program was developed to significantly reduce the effort and expense that would be incurred by government agencies to achieve high-level standards for securing government data. Designed as an "approve once, deploy many" program, authorized Cloud Service Providers (CSPs) would attain a provisional Authority To Operate (ATO) and provide cloud services for many agencies. Government agencies can then select an authorized CSP in an effort to save taxpayer expense on government IT infrastructure and cloud applications. The JAB is the primary governance group of the FedRAMP program, consisting of the chief information officers of the Department of Defense, the Department of Homeland Security and the U.S. General Services Administration. The FedRAMP program supports the U.S. government's "Cloud-First" initiative to enable U.S. federal agencies to use managed service providers that enable cloud computing capabilities. The FedRAMP program is designed to comply with the Federal Information Security Management Act of 2002 (FISMA). Government agencies are required to use FedRAMP authorized cloud services since last year.