Who is this article for?

Customers who are required to comply with FedRAMP and need clarity on which Ideagen environments are authorized for handling FedRAMP data.

Access to Ideagen’s FedRAMP-authorized environments is required to store, share, or process FedRAMP data.

This article provides comprehensive and essential information for customers who are required to comply with the Federal Risk and Authorization Management Program (FedRAMP) standards when utilizing Ideagen products and services. It aims to guide and support clients in understanding the necessary compliance measures, ensuring that their use of Ideagen solutions aligns with the stringent security and regulatory requirements set out by FedRAMP.

1. What is FedRAMP?

FedRAMP, which stands for the Federal Risk and Authorization Management Program, is an initiative established by the United States government to create a uniform and standardized framework for cloud security and compliance. 

This program is specifically designed to ensure that cloud services used by federal agencies meet stringent security requirements, thereby protecting sensitive government data and systems. FedRAMP's guidelines and authorization processes are not limited solely to federal agencies; they also extend to contractors working with these agencies, as well as to state and local government entities that utilize cloud computing services. 

By providing a consistent approach to evaluating and monitoring cloud service providers, FedRAMP helps to streamline the adoption of secure cloud technologies across various levels of government, enhancing overall cybersecurity posture and fostering trust in cloud-based solutions.

2. Where FedRAMP data can be used

Only specific Ideagen environments are authorized under FedRAMP. These include:

• Ideagen Huddle (FedRAMP-authorized)
• Ideagen Government Cloud

If you are handling FedRAMP data or metadata, you must use one of these approved products.

Support ticket opening and management data is processed under a FedRAMP-compliant environment.

3. Where FedRAMP data cannot be used

Some Ideagen services, including Ideagen Luminate Community, Help, and Skills, are not FedRAMP authorized. This means:

• Do not share, store, or process FedRAMP data or metadata in these areas.
• Be cautious when posting in forums or contributing to articles to avoid disclosing sensitive or regulated information.

4. Best practices for FedRAMP users

• Always work within FedRAMP-authorized Ideagen environments when handling FedRAMP data.
• Use strong passwords and change them regularly.
• Do not share your login credentials with anyone.
• Report any suspicious or malicious activity to your internal Authorizing Officer (AO) and Ideagen Support.
• Review Ideagen’s privacy policy before posting or contributing in non-FedRAMP environments.

5. Need help?

If you are unsure whether your environment is FedRAMP authorized, contact your Authorizing Officer (AO) internally before taking any action. You can also reach out to Ideagen Support for additional guidance.