MuleSoft is proud to announce the development of a FedRAMP In Process implementation of Anypoint Platform, reflecting our investment in meeting the strict security and quality standards outlined by the US Federal Government as part of the Federal Risk and Authorization Management Program (FedRAMP).
As of today, MuleSoft is the first and only company with an integration platform to be sponsored for authorization, reflecting our unique commitment toward enabling both on-premises and cloud integration in the federal government.
The need for cloud-based integration in government
In response to the federal government’s Cloud First initiative, agencies across government are moving to the cloud at an accelerated rate – moving on-premise applications, data, and workloads to public or private cloud environments, and adopting SaaS technologies like Salesforce, ServiceNow, and Workday.
However, what many in government have found is that integration has emerged as a bottleneck preventing government agencies from realizing the benefits of the cloud.
Even though a growing number of applications adopted by the government are cloud-based, the underlying integrations connecting these applications are still based on-premises, meaning that government IT teams still have to spend time provisioning and maintaining infrastructure to ensure that their middleware doesn’t become a performance bottleneck for their applications.
For the first time, government agencies will have a FedRAMP authorized cloud integration solution to these challenges. With Anypoint Platform, agencies will be able to either deploy on-premises, on their own IaaS platform, or on MuleSoft’s FedRAMP authorized Government Cloud, providing the deployment flexibility to meet the security requirements of any digital transformation initiative within the agency. As part of our unified platform, government agencies can marry industry-leading integration capabilities with full API lifecycle management: designing, deploying and managing APIs within a cloud environment.
In doing so, our vision is for Anypoint Platform to enable the same type of cloud-centered digital transformation in government that it has driven with private sector industry leaders such as McDonald’s, Coca-Cola, and Unilever.
What MuleSoft is doing to become FedRAMP authorized
MuleSoft is making significant investments in our overall operations, product security, and deployment environments to create a FedRAMP authorized offering available for government customers.
Today, we’re working with the Federal Communications Commission to guide our product investment in a way that ensures we meet FedRAMP authorization requirements. Additionally, we are scaling our operational capability to provide a dedicated US-only support for customers who are deployed in our FedRAMP environment.
On the product front, while many security controls included in FedRAMP requirements are already a part of Anypoint Platform, we are enhancing our product and policies to meet additional requirements needed by the government. In addition to making significant enhancements in physical and logical security based on FedRAMP and NIST 800-53 requirements, we will be making all hardware and software encryption FIPS compliant. Furthermore, we will be deploying our product to AWS GovCloud – a FedRAMP High authorized ITAR compliant environment and restricting access to US persons to meet the security requirements of US federal agencies.
In total, these changes will not only provide the federal government with a FedRAMP compliant cloud integration offering but will also make our market-leading platform even more secure for non-government customers.
As the government’s move to the cloud continues to accelerate, developing a cloud-friendly integration strategy has become a strategic imperative for agencies. With Anypoint Platform, these agencies will now have a cloud-friendly integration technology that is tightly aligned with this vision, enabling agencies to more quickly and securely migrate applications to the cloud and adopt SaaS technologies.