BlackMesh, a managed service provider (MSP) delivering fully managed dedicated and cloud-based solutions, has achieved authority to operate through the Federal Risk and Authorization Management Program (FedRAMP). This authority enables government agencies to quickly and easily adopt BlackMesh’s secure cloud-enabling Platform as a Service (PaaS) offering.
BlackMesh was sponsored in the FedRAMP process by the U.S. Department of Energy, which has utilized BlackMesh cloud services since 2010. With FedRAMP authorization, other federal agencies can easily adopt BlackMesh’s SecureCloud PaaS with the confidence it provides the highest degree of protection for vital government information.
“Achieving the FedRAMP ATO is significant for BlackMesh and our customers as it represents the most stringent standard for cloud service provider security,” said BlackMesh CEO Eric Mandel. “We have worked since BlackMesh’s first day to deliver cloud services that keep our government and other industry customers’ assets safe from exposure or infiltration.”
Founded in 2003, BlackMesh was built from the ground up with a vision to provide the most secure, end-to-end hosting services with a high level of customer support. Leveraging OpenStack and OpenShift for cloud hosting infrastructure, software development and deployment capabilities, BlackMesh’s SecureCloud service would deliver comprehensive support across the cloud stack, from hardware to application levels.
BlackMesh partners will also be able to leverage SecureCloud to deliver applications in a FedRAMP-compliant secure environment.
HIPAA, PCI, FISMA
BlackMesh platforms have achieved compliance with several of the most rigorous standards and regulations vital to government, financial services and healthcare, including the Payment Card Industry (PCI) data standard, the Health Insurance Portability and Accountability Act (HIPAA), the Federal Information Security Management Act (FISMA) and the Statement on Standards for Attestation Engagement No. 16 (SSAE-16).
FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. This approach uses a “do once, use many times” framework that saves cost, time and staff required to conduct agency security assessments of cloud service providers.