Are there plans for apigee to be FedRAMP authorized/certified?
Is anyone using apigee in a NIST regulated environment? While they may be owned by Google, apigee appears to be operating independently and is not a FedRAMP authorized solution. Does anyone have any info or insights on whether one can use IGA tools that are FedRAMP compliant and also use apigee? I see that apigee is PCI compliant, so it wouldn't be a huge stretch for them to achieve FedRAMP authorized status. Any insight or guidance would be helpful. Thank you.
Unofficial response from Apigee - in case this is helpful to others:
We are working on FedRAMP certification. As per our engineering team, the best estimate for completion is around Q4 2020.
For reference, as of today, Apigee holds the following certifications:
• SOC 1 Type 2
• SOC 2 Type 2
• SOC 3
• PCI DSS
• ISO 27001
• ISO 27017
• ISO 27018
• HIPAA
• HITRUST
• BSI C5
Hi, Apigee X is now authorized for FedRAMP Moderate.
See: https://cloud.google.com/security/compliance/fedramp
w00t!
Thanks Paul!
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |