SolutionsNetskope for government

Netskope for federal, state and local government

Enabling government agencies and organizations to protect mission-critical data and personnel by securing usage of cloud managed and unmanaged applications (Shadow IT), across all networks, locations, and devices, essentially the new perimeter.

Résumé de solution Fiche technique

Netskope is FedRAMP authorized

We never stop delivering on the latest government requirements and needs, the toughest problems, and the best way to help our customers secure their mission in the cloud and on the web. TIC 3.0 will help to assure your compliance as we provide a full featured security stack built in the cloud, and for the cloud, where our customers can turn on the features they desire when they need them.

 

Netskope’s Security Cloud Platform meets the Federal Risk and Authorization Management Program (FedRAMP) requirements and has achieved FedRAMP Authorization.

 

FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

Communiqué de presse
Secteur public

Conformité

AICPA SOC 2

Netskope System & Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how Netskope achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the Netskope controls established to support operations and compliance. Learn More.

 

To request for a copy of our SOC 2 Report, please contact us.

AICPA SOC 3

Netskope System & Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how Netskope achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the Netskope controls established to support operations and compliance. Learn More.

 

To request for a copy of our SOC 3 Report, please contact us.

FedRAMP

FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The program enables government agencies to adapt from old, insecure legacy IT to mission-enabling, secure, and cost-effective cloud-based IT.

 

Click here to learn more about Netskope’s Authorization.

ISO 27001

The International Organization for Standardization 27001 Standard (ISO 27001) is an information security standard that ensures office sites, development centers, support centers and data centers are securely managed. These certifications run for 3 years (renewal audits) and have annual touch point audits (surveillance audits).

To request the ISO 27001 certification, please contact us.

ISO 27018

The International Organization for Standardization 27018 Standard (ISO 27018) covers privacy protections for the processing of personal information by cloud service providers.

To request the ISO 27018 certification, please contact us.

CSA STAR

The CSA Security, Trust and Assurance Registry (STAR) encompasses the key principles of transparency, rigorous auditing, harmonization of standards, with continuous monitoring. STAR consists of three levels of assurance, which currently cover four unique offerings all based upon a succinct yet comprehensive list of cloud-centric control objectives in the CSA’s Cloud Controls Matrix (CCM). CCM is the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to cloud computing.

Click here to view our CSA STAR Level II Certification.

Privacy Shield

For certain Services, for which we act as a data processor, Netskope has certified under the EU-U.S. Privacy Shield framework. For more details about the scope of the certification, click here.

The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce.

TRUSTe

TRUSTe has assessed Netskope for compliance with the TRUSTe Privacy Certification. For more detail about our TRUSTe certifications, please click here.

Cloud Computing Compliance Controls Catalog (C5)

Cloud Computing Compliance Controls Catalog (C5) is a German Government-backed attestation scheme introduced in Germany by the Federal Office for Information Security (BSI) to help organizations demonstrate operational security against common cyber-attacks within the context of the German Government’s “Security Recommendations for Cloud Providers”.

To request the C5 copy please contact us.

California Consumer Privacy Act

Netskope supports the customer’s compliance for Processing covered by the California Consumer Privacy Act of 2018 (the “CCPA”). To confirm applicable aspects of the CCPA in connection with Customer’s use of the Services, Netskope has provided this Compliance Statement. This notice supplements the Netskope Privacy Policy.

Data Processing Addendum

View Netskope’s Customer Data Processing Addendum (DPA)

To execute Netskope’s Customer DPA please follow the instructions on page 1 of the DPA. Please return an executed copy of the DPA to [email protected].

For any questions or queries or to request a copy of the DPA in an alternative format, please contact us at [email protected].

AICPA SOC 2

Netskope System & Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how Netskope achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the Netskope controls established to support operations and compliance. Learn More.

 

To request for a copy of our SOC 2 Report, please contact us.

AICPA SOC 3

Netskope System & Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how Netskope achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the Netskope controls established to support operations and compliance. Learn More.

 

To request for a copy of our SOC 3 Report, please contact us.

FedRAMP

FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The program enables government agencies to adapt from old, insecure legacy IT to mission-enabling, secure, and cost-effective cloud-based IT.

 

Click here to learn more about Netskope’s Authorization.

ISO 27001

The International Organization for Standardization 27001 Standard (ISO 27001) is an information security standard that ensures office sites, development centers, support centers and data centers are securely managed. These certifications run for 3 years (renewal audits) and have annual touch point audits (surveillance audits).

To request the ISO 27001 certification, please contact us.

ISO 27018

The International Organization for Standardization 27018 Standard (ISO 27018) covers privacy protections for the processing of personal information by cloud service providers.

To request the ISO 27018 certification, please contact us.

CSA STAR

The CSA Security, Trust and Assurance Registry (STAR) encompasses the key principles of transparency, rigorous auditing, harmonization of standards, with continuous monitoring. STAR consists of three levels of assurance, which currently cover four unique offerings all based upon a succinct yet comprehensive list of cloud-centric control objectives in the CSA’s Cloud Controls Matrix (CCM). CCM is the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to cloud computing.

Click here to view our CSA STAR Level II Certification.

Privacy Shield

For certain Services, for which we act as a data processor, Netskope has certified under the EU-U.S. Privacy Shield framework. For more details about the scope of the certification, click here.

The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce.

TRUSTe

TRUSTe has assessed Netskope for compliance with the TRUSTe Privacy Certification. For more detail about our TRUSTe certifications, please click here.

Cloud Computing Compliance Controls Catalog (C5)

Cloud Computing Compliance Controls Catalog (C5) is a German Government-backed attestation scheme introduced in Germany by the Federal Office for Information Security (BSI) to help organizations demonstrate operational security against common cyber-attacks within the context of the German Government’s “Security Recommendations for Cloud Providers”.

To request the C5 copy please contact us.

California Consumer Privacy Act

Netskope supports the customer’s compliance for Processing covered by the California Consumer Privacy Act of 2018 (the “CCPA”). To confirm applicable aspects of the CCPA in connection with Customer’s use of the Services, Netskope has provided this Compliance Statement. This notice supplements the Netskope Privacy Policy.

Data Processing Addendum

View Netskope’s Customer Data Processing Addendum (DPA)

To execute Netskope’s Customer DPA please follow the instructions on page 1 of the DPA. Please return an executed copy of the DPA to [email protected].

For any questions or queries or to request a copy of the DPA in an alternative format, please contact us at [email protected].

Trusted Internet Connection (TIC)
Use Cases

Netskope meets CDM, TIC 3.0 and provides capabilities to adopt a zero-trust architecture adhering to NIST SP 800-207 principles. TIC 3.0 expands upon the original program to drive security standards and leverage advances in technology as agencies adopt mobile and cloud environments. The goal of TIC 3.0 is to secure federal data, networks, and boundaries while providing visibility into agency traffic, including cloud communications.

Obtenir le livre blanc

L'accès granulaire dont vous avez besoin

01

Assess risk

Comprenez et gérez les risques associés à une utilisation croissante du cloud et du Web.

Lire la suite
02

Sécurisation des données

Identifiez et protégez les données sensibles stockées dans le cloud et contrôlez les données en cours d'envoi, de téléchargement ou de partage.

Lire la suite
03

Protection contre les menaces avancées

Inspecte le trafic qui échappe encore aux autres solutions de sécurité (clients de synchronisation, applications mobiles ou sites Web, services cloud chiffrés en TLS, etc.) afin d'identifier et de traiter les menaces.

Lire la suite
04

Audits, enquêtes et analyses

Créez une piste d'audit précise et contextuelle de toutes vos activités dans le cloud à des fins d'audit, d'analyse « post-mortem » ou encore pour la création de rapports de conformité. Bénéficiez d'une visibilité et d'une protection optimales pour toutes vos activités cloud à partir de Netskope, conformément aux normes du NIST.

Lire la suite
05

Adaptez vos politiques et contrôles d'accès

Luttez contre les activités à risque auprès de services approuvés et non approuvés, mais aussi au niveau des sites Web, en appliquant des politiques précises qui tiennent compte de l'utilisateur, du service, du périphérique, du lieu, de l'activité et du contenu.

Lire la suite

Security is all about enabling the mission. For us, it’s crucial that we do that as we move out on the integrated health record, the digital transformation [and] the modernization efforts… It’s very easy to go off on the CDM ‘path’ unilaterally, it has to be part of a holistic front.

—Gary Stevens, Deputy CIO and Director of Cyber Strategy, Department of Veterans Affairs

Trusted by the largest government agencies

Ressources

Présentation de la solution : Netskope pour le secteur public
Solution Brief

Netskope for Government Solution Brief

Read this solution brief to learn more about how the Netskope Security Cloud helps government agencies and organizations with cloud and web security.

En savoir plus
Présentation de la solution : Netskope pour le secteur public

Redéfinissez votre périmètre.

Demander une démo Contactez-nous

Contactez-nous

Vos commentaires sont les bienvenus.