IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Here Are the 29 Companies on StateRAMP's List So Far

StateRAMP made it easier for companies that are already in the FedRAMP marketplace to get in, and the initial list is made up mostly of FedRAMP vendors. Here are the companies that have made the leap.

Data Center
StateRAMP, a new program to certify the cybersecurity practices of cloud vendors working with state and local government, is officially up and running with its first verified vendors.

The initial list of 24 vendors and 51 products, published last month, has since grown to 29 vendors and 58 products. That includes vendors who are currently in the process of verification.

As of this writing, these are the companies who have achieved a StateRAMP status:
The program, modeled after FedRAMP, is meant to bring standardization — and thus, confidence — to cloud technology for state and local governments. But the FedRAMP process has been described by vendors as arduous, and many tech companies that work with state and local government have no business with federal agencies. StateRAMP brings a similar method down to the lower levels of government, where concerns about cloud security are often a barrier to migration.

"The continuous monitoring function of StateRAMP is the real difference maker for state and local governments seeking to trust but verify their providers have security controls and processes in place to ensure the data we are placing with them is protected,” said J.R. Sloan, Arizona’s CIO and the president of StateRAMP’s board of directors, in a statement. “Gone are the days of checking a box through self-attestation or submitting a one-and-done SOC 2 Report to validate security. We must adapt to meet the evolving cyber threats, and that requires constant monitoring and reporting so that, as users of technology, state and local governments can be prepared to take action quickly to protect their systems and data, when needed."

The list includes companies that range from giants such as Google and Microsoft down to smaller and newer companies such as ZibaSec. StateRAMP provided a pipeline for companies with FedRAMP designations to complete the process more quickly, and most of the companies on StateRAMP’s list so far have already entered the FedRAMP marketplace.

There are just four vendors on the list with a “verified” designation — Knowledge Services, OCLC, Project Hosts and Zscaler — but it’s possible some of the companies with a “progressing” designation have already been verified and are seeking a higher status.
Ben Miller is the associate editor of data and business for Government Technology. His reporting experience includes breaking news, business, community features and technical subjects. He holds a Bachelor’s degree in journalism from the Reynolds School of Journalism at the University of Nevada, Reno, and lives in Sacramento, Calif.
Special Projects
Sponsored Articles