FedRAMP Authorization validates Casepoint’s leadership in security for eDiscovery and clears the way to provide cloud services to other agencies across the federal government
Enterprise eDiscovery technology leader Casepoint announced today that Casepoint Government, an eDiscovery and litigation support platform specially configured for government clients, has achieved FedRAMP Moderate Authorization. Casepoint achieved this significant milestone with the sponsorship of the U.S. Securities and Exchange Commission (SEC). The SEC recently selected Casepoint’s technology to pilot moving their eDiscovery to the cloud. With this new authorization, other public sector clients can benefit from Casepoint’s fast, powerful, and easy to use eDiscovery solution for their litigation, investigation, examination, compliance, and FOIA needs.
The Federal Risk and Authorization Management Program, known as FedRAMP, is one of the federal government’s most rigorous security compliance frameworks. FedRAMP provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services used in federal agencies. This approach applies a “do once, use many times” framework that reduces the cost, time, and staff required to conduct agency security assessments. Government data is extremely sensitive, and agencies must follow strict requirements for data integrity and defensibility. FedRAMP authorization is mandatory for federal agency cloud deployments.
“FedRAMP Authorization for Casepoint will allow us to support federal agencies that must meet the demands of increased litigation, growing data volumes, and the need to comply with strict security requirements,” said Amy Hilbert, Vice President, Casepoint Public Sector. “By achieving this authorization, we are able to help the federal government leverage artificial intelligence and advanced analytics-based tools that are built into our eDiscovery technology in order to stay ahead of the evolving legal, regulatory, business, and technology landscape.”
As Casepoint’s cloud security framework was already mature by industry standards even before it sought the FedRAMP designation, it was able to secure sponsorship from the SEC and take a faster path toward authorization via FedRAMP’s Agency Authorization Process. Once designated “In Process,” it only took a few months for Casepoint Government to become FedRAMP authorized. Casepoint is now one of only a few eDiscovery vendors to have fulfilled all the criteria for FedRAMP Authorization, which applies to every application in its fully integrated, end-to-end eDiscovery platform.
“We are thrilled—not only to have achieved FedRAMP Authorization with the SEC’s sponsorship, but also to have completed this rigorous process so quickly,” said Sundhar Rajan, Casepoint Chief Information Officer. “Casepoint has accomplished in a year what it takes many vendors several years to get done. That’s a testament to the rigor and culture of security that has been embedded in our company from the beginning. Our goal has always been to provide both public and private sector clients with stringent security standards within a fast, scalable, and flexible cloud computing environment.”
Since its inception, Casepoint has made data security a top priority, subjecting itself to strict approval processes and independent third-party auditing requirements for ISO 27001:2013 certification, as well as SOC 1 Type I and SOC 2 Type II attestations. These and other measures are part of a formal security program at Casepoint that operates continuously at the company level, the data center level, and the web application and database level.
Based on 12 years of innovation in the industry and broad experience in the public sector, Casepoint Government provides agencies with a scalable, secure, and customizable computing environment. When Casepoint designed the architecture for the latest version of Casepoint Government, it proactively built in new capabilities for meeting FedRAMP requirements, which included more than 300 different security controls. The company also made organizational and process changes to its support, operations, and maintenance functions to ensure all data managed in the platform would remain in the US—an important FedRAMP provision. In addition, Casepoint hired consulting firms to help them prepare for and navigate the FedRAMP authorization process, including a Third-Party Assessment Organization (3PAO) to conduct testing. Casepoint Government is designed to meet the government’s strictest security requirements while providing 100% US-based hosting, maintenance, support, and services.