The Security Office of ZyLAB has performed a thorough analysis and mapping of the FedRAMP controls and is happy to announce ZyLAB’s ISMS and Security and Privacy controls that are implemented within ZyLAB, are compliant to the FedRAMP Moderate baseline controls and requirements (NIST SP 800-53r4 1/23/15).
At ZyLAB, we highly value our customers who place their trust in our company every day. We feel and execute on the responsibility to manage and protect our customers’ information assets in exactly the same way as we protect our own.
The Management Team of ZyLAB is fully committed to comply with industry best practices in regards to information security as illustrated in our overall Information Security Management system (ISMS) & ISO Certification strategy. Since 2018, ZyLAB is ISO27001 certified. In addition, ZyLAB is CSA star level 1 certified and registered in the CSA registry.
Compelled by the requirements of the US market, ZyLAB has invested in compliance with the FedRAMP requirements and provides a detailed report on how those requirements are implemented within ZyLAB. You can read ZyLAB’s full FedRAMP compliancy statement in ZyLAB’s Trust Center.
About the FedRAMP Security Assessment Framework
The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. Government program to standardize how the Federal Information Security Management Act (FISMA) applies to cloud computing services. Cloud computing offers many advantages over traditional computing. Through cloud computing, Federal Agencies are able to consolidate and provision new services faster, at the same time reducing information technology costs. Cloud computing also enables efficiencies for services to citizens and offers stronger cyber security safeguards than what is possible using traditional information technology (IT) methods.
FedRAMP provides a standardized approach to security assessment, authorization, and continuous monitoring of cloud based services. FedRAMP uses a “do once, use many times” framework that intends to save costs, time, and staff required to conduct redundant Agency security assessments and process monitoring reports.
FedRAMP was developed in collaboration with the National Institute of Standards and Technology (NIST), the General Services Administration (GSA), the Department of Defense
(DOD), and the Department of Homeland Security (DHS). Many other Government Agencies and working groups participated in reviewing and standardizing the controls, policies and procedures. http://www.fedramp.gov.
FedRAMP is governed by Executive branch entities that work in collaboration to develop, manage, and operate the program.