After a rigorous review and certification process, the RSA Federal cybersecurity solution was formally authorized by the Federal Risk and Authorization Management Program (FedRAMP) for use by any US government agency. The 2022 authorization marked a key milestone in our mission to help federal agencies secure and accelerate their adoption of cloud services, in accordance with the 2021 executive order calling for government agencies to move more quickly toward secure cloud services.
As cloud spending continues to grow in the US public sector, RSA is uniquely equipped to help government agencies in their move to the cloud—particularly those agencies that must also maintain at least some IT capabilities on-premises. RSA ID Plus for Government provides true hybrid cloud capabilities that support secure access whether an organization operates on-premises, in the cloud, or both.
One example of how RSA ID Plus for Government supports specific public-sector security requirements is in cases where the physical environment necessitates using hard tokens for multi-factor authentication (MFA), but the agency wants to take advantage of the cloud to streamline operations and reduce overhead. In that situation, an agency can use hard tokens on-premises as needed—but manage them in the cloud, using the RSA Cloud Authentication Service (CAS).
FedRAMP authorization is an important step not only for RSA customers in the federal government, but also for their employees and the citizens who rely on their services. Moreover, it signals to large, complex, and security-conscious organizations beyond the federal space that RSA meets the highest security standards for operating in the cloud. In pursuing FedRAMP approval, RSA added 325 security and privacy controls to support government agencies and Federal System Integrators; those new controls will improve our capabilities for organizations outside of the public sector.
As Jim Taylor, Chief Product Officer, SecurID has said, “The result of this certification has improved upon our cybersecurity software for not only government organizations, but our commercial products as well.”
In addition to RSA ID Plus for Government, RSA can help federal agencies meet EO14028, OMB M-22-09, and OMB M-24-14 with the RSA iShield Key 2 series, powered by Swissbit.
Built to meet the most stringent cybersecurity requirements, the RSA iShield Key 2 series features FIDO2, PIV, HOTP support and a FIPS 140-3 certified smart chip. The solution easily integrates with RSA ID Plus for Government, providing government agencies with full control over their identity and access management strategy.