Exciting news to share with you this afternoon about Proofpoint's progress in the Federal space.
In an announcement issued just this afternoon (see, "Proofpoint Receives FISMA Certification from USDA"), Proofpoint announced that its its Proofpoint Enterprise Archive solution has been granted an Authority to Operate (ATO) by the United States Department of Agriculture (USDA).
Proofpoint was granted the ATO on April 19, 2011, based on its ability to meet the stringent requirements of the Federal Information Security Management Act (FISMA) certification and accreditation (C&A) process. FISMA certification and accreditation indicates that a federal agency has approved a particular solution for its use in line with the level of security established by that agency.
As noted in the announcement, Proofpoint Enterprise Archive is the first cloud-based archiving solution to be granted an ATO by a Cabinet-level agency.
The USDA is using Proofpoint’s email archiving solution in conjunction with that department's deployment of Microsoft's cloud-based Enterprise Messaging Services. This deployment will provide compliant email archiving for 120,000 Microsoft Exchange users spread throughout 21 departments, making it the largest US Federal government implementation of cloud-based enterprise email archiving technology.
Proofpoint Enterprise Archive will allow the USDA to easily access archived email for regulatory requests, retention policy adherence and legal discovery.
Susie Adams, the chief technology officer for Microsoft Federal said, "The U.S. Department of Agriculture has certified and accredited Microsoft’s cloud-based suite for government customers in accordance with FISMA, allowing Microsoft to provide these services to government customers. This milestone is further validation of the high standards of compliance and security within Microsoft’s cloud-based solutions."
You can find more comments from Susie Adams in her blog post in Microsoft's FutureFed blog. See, "USDA Awards FISMA Certification for Microsoft’s Business Productivity Online Suite (BPOS) - Federal."
Andres Kohn, Proofpoint's vice president or archiving and eDiscovery solutions, commented, "Many federal agencies are looking to cloud-based services to help them meet the dual challenges of tightening budgets and more severe and frequent security breaches. By achieving FISMA certification for our e-mail archiving solution in conjunction with Microsoft BPOS-Federal, Proofpoint is opening the door for more rapid adoption of cloud-based e-mail solutions throughout the US Federal community."
As you might imagine, achieving FISMA certification is a complex task, involving third-party assessments of a wide variety of security features and policies. In this case, SecureInfo Corporation assisted with the assessment of Proofpoint's solutions.
SecureInfo CEO Christopher Fountain said, "As a third-party assessor, SecureInfo has conducted thousands of information security assessments and has specific expertise in all aspects of FISMA compliance. As part of our assessment of Proofpoint’s enterprise email archiving solution, Proofpoint successfully demonstrated the effective implementation of the management, operational and technical controls , which was required to realize an ATO at the USDA and is a critical element of FISMA compliance."
Additional comments from SecureInfo's CTO, Yong-Gon Chon, about the complexity and rigor of these evaluations can be found in his guest post in the Microsoft Online Services Team Blog. See, "What Goes Into a FISMA Certification?"
We're looking forward to bringing the benefits of Proofpoint's SaaS email archiving solution to the USDA and other US Federal agencies.
