FedRAMP & NIST SP 800-53 R4

    Harness the Power of a FedRAMP Compliant Cloud Solution

    In 2018, we pioneered new ground by initiating our software on a FedRAMP Authorized platform and infrastructure. From that pivotal moment, Sharetru has evolved into a crucial ally for a myriad of defense and aerospace companies, empowering them to confidently exchange sensitive data not just with the federal government, but beyond its borders, too

    Cloud Security According to Federal Standards

    Sharetru's commitment to security isn't just lip service—we've dedicated substantial resources to partnering with a FedRAMP moderate authorized CSP, becoming FedRAMP Moderate Equivalent according to the CMMC Program (32 CFR 170), and have been practicing security for 23 years.

    This means you can lean back, assured that you have an ally in Sharetru who is choosing the right partners to meet FedRAMP controls at both the IaaS and PaaS layers. Even more, our SaaS provides the cybersecurity controls defined in paragraphs (c) to (g) of DFARS 7012, solidifying our stance as a dependable choice for FedRAMP Moderate equivalency. Trust in Sharetru: we've got your cybersecurity covered.

    FedRAMP is a core set of controls and processes based substantially on the NIST SP 800-53 framework — so much so that the next revision will likely align directly to one another. It is targeted at cloud service providers (CSPs) used directly by federal agencies utilizing IaaS, PaaS, or SaaS service models.

    The FedRAMP and NIST SP 800-53 controls at the Moderate baseline are also used as a measuring stick by the Defense Industrial Base (DIB) when choosing a CSP to store or transmit controlled unclassified information (CUI) in non-federal systems.

    Sharetru: Meeting the Required Controls for FedRAMP Moderate

    Sharetru is one of only a few secure file sharing platforms serving defense and aerospace contractors’ requirements as a FedRAMP Moderate Equivalent SaaS company as stated by CMMC in 32 CFR 170

    Data Protection Icons Full Color (22)
    System Security
    Plan (SSP)

    Sharetru has stepped up its game with a System Security Plan for NIST 800-53, as required by the federal definition for FedRAMP Moderate Equivalency, ensuring unparalleled security for your data. It's not just about meeting standards; it's about providing you with the utmost confidence in a digitally risky era.

    Data Protection Icons Full Color (8)
    Moderate Baseline

    Sharetru embraces Moderate baseline controls, elevating the protection of your Controlled Unclassified Information (CUI) to new heights. This move isn't just compliance; it's a commitment to safeguarding your most sensitive data with utmost care.

    ShareTru Icons_Accountability
    Customer Responsibility Matrix (CRM)

    Sharetru's adoption of a well-documented Customer Responsibility Matrix (CRM) as outlined in 32 CFR 170 is a game-changer in CUI security. This strategic move ensures clarity and shared responsibility, enhancing the protection of your sensitive data.

    Data Protection Icons Full Color (36)
    FedRAMP Moderate Authorized IaaS & PaaS

    By partnering with an MSP with a FedRAMP Moderate authorized IaaS and PaaS, Sharetru meets the benchmark standards in cloud security. This advancement is a testament to our commitment to providing robust, compliant infrastructure for your critical data needs.

    Compliance - FedRAMP Foreground

    Why a FedRAMP Authorized or Equivalent CSP Matters

    If you’re a federal agency moving data or applications to the cloud, the benefit to choosing only FedRAMP Authorized CSPs is obvious; it is required by law. If you're a federal agency and can’t find a FedRAMP Authorized service that you like, consider sponsoring a CSP you prefer through the FedRAMP audit.

    If you’re a contractor subject to CMMC, NIST SP 800-171, and DFARS 7012 in need of software to securely transfer data files containing CUI, a FedRAMP Moderate Equivalent CSP has what you need to meet your security and compliance requirements according to 32 CFR 170

    Foundational Ways we Support FedRAMP Compliance

    We're not even close to being limited to the following features in how we support FedRAMP Authorization -- but as a baseline you should know we have you covered.

    Our Audit Features

    Permanent logs aren't just an add-on, they're your security fortress. They maintain an unchangeable record of every action, preserving data integrity and fostering accountability. These logs, your audit heroes, enable swift detection of irregularities and ensure compliance with regulatory mandates. They're not just important—they're your CUI's steadfast guardians, and provide your organization with several key benefits:

    • Accountability: Immutable and permanent logs at both the administrator and file levels create a precise, unchangeable record of every action taken. This transparency fosters a culture of accountability, crucial in handling sensitive CUI.
    • Data Integrity: Immutable logging ensures the integrity of your data. Any attempted changes, accidental or malicious, are logged and can be traced back, protecting your CUI from unauthorized alterations.
    • Security Audit: Permanent logs enable comprehensive audits, allowing you to detect and investigate potential security incidents swiftly. Early detection can make all the difference when it comes to preventing a full-blown data breach.
    • Incident Recovery: In case of an incident, these logs serve as a reliable source of truth. They can help identify what went wrong, aid in rectifying the issue, and inform measures to prevent a recurrence.

    Scalable Resources to Meet Enterprise Demands

    Scalable resources are crucial when it comes to handling Controlled Unclassified Information (CUI) for several reasons:

    • Changing Data Volumes: The volume of CUI that an organization manages can grow dramatically over time. Scalable resources ensure that your organization can handle large influxes of data without disruption or slowdown.

    • Risk Management: As the volume of data grows, so do the potential risks associated with managing that data. Scalable resources allow for more robust and flexible security protocols, better equipped to protect larger quantities of data.

    • Performance: Scalable resources ensure optimal performance, even as your data needs grow or change. This leads to more efficient processes, better user experiences, and ultimately a more successful operation.

    Data Security you Can Rely On

    When it comes to ironclad data security and meticulous FedRAMP compliance monitoring, Sharetru emerges as a frontrunner. But why, you ask? Sharetru integrates rigorous security controls right into its DNA. Our partnership with a FedRAMP moderate authorized CSP reflects our commitment to not just meet, but exceed federal security standards. And it doesn't stop there— with Sharetru, you're not just getting a service; you're investing in an ever-vigilant guardian of your data.

    • Automated File Retention Rules with Granular Permissions

    • Monitoring and vulnerability scanning through perimeter network security, including IDS, IPS, and virus and malware detection

    • FIPS 140-2 compliant Encryption at rest using AES-256 and encryption in transit at TLS 1.2


    Going Above and Beyond for Our Customers

    Sharetru has invested heavily in selecting and using a datacenter partner FedRAMP Moderate Authorized at the infrastructure and platform layers, so you don’t have to. Find out how you can benefit from working with a FedRAMP-compliant CSP today with a demo.

    Book Your Demo