Are you a cloud/service provider who services or is thinking about servicing the US Government? If your customers require their cloud/data center services to be FedRAMP compliant, we can help!
Device42 users looking to demonstrate compliance with the security controls outlined by FedRAMP (Federal Risk and Authorization Management Program), and/or those of you looking to perform a FedRAMP-compliant inventory to assess your readiness: Device42’s new DOQL query can generate and automatically fill the majority of your FedRAMP inventory for you!
If you’re looking to jump right into it, head to our GitHub page to grab the FedRAMP DOQL query. If you’d like to know more, continue below!
What is FedRAMP?
Per the FedRAMP FAQ:
“FedRAMP provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services used by the US government. Because its goal is to protect US citizen data in the cloud, it is government’s most rigorous security compliance framework.”
In a nutshell, FedRAMP outlines a set of mandatory standard “service models” and processes and assessments that private sector companies can use to demonstrate that their cloud and other offerings meets a standard set of security guidelines outlined by the United States Federal Government for varying levels of security sensitivity.
The FedRAMP authorization process can save both you and the government time and money vs. repeating similar (or vastly differing!) compliance audits over and over for multiple potential government agency customers. Businesses that serve, or that may be interested in serving government customers can complete one of the two outlined FedRAMP agency authorization processes, to get listed as “FedRAMP in Process” on the FedRAMP Marketplace.
Once the FedRAMP process is successfully completed, you’re vendor listing will be re-classified “Authorized” on the marketplace, making it easy for both the Federal Government and others who utilize their standards to find you, a provider of compliant cloud and vendor services.
Device42 can help you with your FedRAMP inventory!
You are likely already familiar with Device42’s comprehensive autodiscovery, which accurately discovers all of your hardware, software, services, and supporting infrastructure. Now, you can leverage your accurate Device42 IT inventory data to assist you with the FedRAMP compliance process!
Device42’s new FedRAMP inventory DOQL query can output your inventory data in the format defined by FedRAMPs latest (A13) inventory template, helping you automate a big part of the FedRAMP authorization process! An example of the data output from the query is below:
Whether you’ve already started the process, or are just looking to start, let us help make it easier! Download the new FedRAMP query (and while you’re at it, check out all of our other ready-to-run DOQL scripts!) and get on your way to a “FedRAMP Authorized” listing!
View or Download the FedRAMP Query JSON file from our GitHub, here: https://github.com/device42/DOQL_scripts_examples/blob/master/examples/fedramp.json.sample