Netskope for federal, state and local government

Enabling government agencies and organizations to protect mission-critical data and personnel by securing usage of cloud managed and unmanaged applications (Shadow IT), across all networks, locations, and devices, essentially the new perimeter.

Executive Order on Improving the Nation’s Cybersecurity

The White House released an Executive Order on Improving the Nation’s Cybersecurity, ordering a Zero Trust implementation and a very aggressive adoption deadline. The order explains Zero Trust in architecture terms—something Netskope has also underscored. We must go beyond access control and isolation to enforce continuous Zero Trust security policies: real-time access and policy controls that adapt on an ongoing basis based on users, devices, apps, threats, and data context.

Putting Security Front and Center in the New World of Hybrid Work

Netskope conducted a survey of 230 IT professionals across federal, state, and local governments from April 22-30, 2021 to better understand the state of remote work in the public sector, the security challenges facing government agencies, and to ultimately determine if agency security declined, improved, or stayed the same as a result of the shift to a majority remote workforce.

Get the research brief

Putting Security Front and Center in the New World of Hybrid Work white paper

Cloud Security for Government

Netskope is the leader in cloud security for federal, state, and local government agencies, helping each comply with regulations, protect sensitive data, and defend against the latest and emerging threats. The Netskope platform supports TIC 3.0 and is built on New Edge, the world’s largest, highest performing and most connected SASE-ready private cloud. Empower your agency today with Netskope’s unrivaled visibility and real-time data, defend against the threats of tomorrow, and take advantage of cloud without sacrificing security.

Netskope is FedRAMP authorized

We never stop delivering on the latest government requirements and needs, the toughest problems, and the best way to help our customers secure their mission in the cloud and on the web. TIC 3.0 will help to assure your compliance as we provide a full featured security stack built in the cloud, and for the cloud, where our customers can turn on the features they desire when they need them.

Netskope’s Security Cloud Platform meets the Federal Risk and Authorization Management Program (FedRAMP) requirements and has achieved FedRAMP Authorization.

FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

Press release

Navigating Cloud Security: A Netskope Fed Cyber Podcast

Take a listen to Navigating Cloud Security: A Netskope Fed Cyber Podcast, where we discuss key cloud security trends that impact how federal agencies can enhance mission success in today’s new operational landscape.

Compliance

AICPA SOC 2

Netskope System & Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how Netskope achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the Netskope controls established to support operations and compliance. Learn More.

To request for a copy of our SOC 2 Report, please contact us.

AICPA SOC 3

To request for a copy of our SOC 3 Report, please contact us.

FedRAMP

FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The program enables government agencies to adapt from old, insecure legacy IT to mission-enabling, secure, and cost-effective cloud-based IT.

Click here to learn more about Netskope’s Authorization.

ISO 27001

The International Organization for Standardization 27001 Standard (ISO 27001) is an information security standard that ensures office sites, development centers, support centers and data centers are securely managed. These certifications run for 3 years (renewal audits) and have annual touch point audits (surveillance audits).

To request the ISO 27001 certification, please contact us.

ISO 27018

The International Organization for Standardization 27018 Standard (ISO 27018) covers privacy protections for the processing of personal information by cloud service providers.

To request the ISO 27018 certification, please contact us.

CSA STAR

The CSA Security, Trust and Assurance Registry (STAR) encompasses the key principles of transparency, rigorous auditing, harmonization of standards, with continuous monitoring. STAR consists of three levels of assurance, which currently cover four unique offerings all based upon a succinct yet comprehensive list of cloud-centric control objectives in the CSA’s Cloud Controls Matrix (CCM). CCM is the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to cloud computing.

Click here to view our CSA STAR Level II Certification.

Privacy Shield

For certain Services, for which we act as a data processor, Netskope has certified under the EU-U.S. Privacy Shield framework. For more details about the scope of the certification, click here.

The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce.

TRUSTe

TRUSTe has assessed Netskope for compliance with the TRUSTe Privacy Certification. For more detail about our TRUSTe certifications, please click here.

Cloud Computing Compliance Controls Catalog (C5)

Cloud Computing Compliance Controls Catalog (C5) is a German Government-backed attestation scheme introduced in Germany by the Federal Office for Information Security (BSI) to help organizations demonstrate operational security against common cyber-attacks within the context of the German Government’s “Security Recommendations for Cloud Providers”.

To request the C5 copy please contact us.

California Consumer Privacy Act

Netskope supports the customer’s compliance for Processing covered by the California Consumer Privacy Act of 2018 (the “CCPA”). To confirm applicable aspects of the CCPA in connection with Customer’s use of the Services, Netskope has provided this Compliance Statement. This notice supplements the Netskope Privacy Policy.

Data Processing Addendum

View Netskope’s Customer Data Processing Addendum (DPA)

To execute Netskope’s Customer DPA please follow the instructions on page 1 of the DPA. Please return an executed copy of the DPA to [email protected].

For any questions or queries or to request a copy of the DPA in an alternative format, please contact us at [email protected].

AICPA SOC 2

To request for a copy of our SOC 2 Report, please contact us.

AICPA SOC 3

To request for a copy of our SOC 3 Report, please contact us.

FedRAMP

Click here to learn more about Netskope’s Authorization.

ISO 27001

To request the ISO 27001 certification, please contact us.

ISO 27018

The International Organization for Standardization 27018 Standard (ISO 27018) covers privacy protections for the processing of personal information by cloud service providers.

To request the ISO 27018 certification, please contact us.

CSA STAR

Click here to view our CSA STAR Level II Certification.

Privacy Shield

For certain Services, for which we act as a data processor, Netskope has certified under the EU-U.S. Privacy Shield framework. For more details about the scope of the certification, click here.

TRUSTe

TRUSTe has assessed Netskope for compliance with the TRUSTe Privacy Certification. For more detail about our TRUSTe certifications, please click here.

Cloud Computing Compliance Controls Catalog (C5)

To request the C5 copy please contact us.

California Consumer Privacy Act

Data Processing Addendum

View Netskope’s Customer Data Processing Addendum (DPA)

To execute Netskope’s Customer DPA please follow the instructions on page 1 of the DPA. Please return an executed copy of the DPA to [email protected].

For any questions or queries or to request a copy of the DPA in an alternative format, please contact us at [email protected].

Trusted Internet Connection (TIC)
Use Cases

Netskope meets CDM, TIC 3.0 and provides capabilities to adopt a zero-trust architecture adhering to NIST SP 800-207 principles. TIC 3.0 expands upon the original program to drive security standards and leverage advances in technology as agencies adopt mobile and cloud environments. The goal of TIC 3.0 is to secure federal data, networks, and boundaries while providing visibility into agency traffic, including cloud communications.

Get the white paper

The granular access you need

Assess risk

Understand and manage the risks associated with your growing cloud and web usage.

Secure data

Identify and protect sensitive data stored in the cloud, as well as control data being uploaded, downloaded, and shared.

Protect against advanced threats

Inspects traffic that other security solutions cannot, such as sync clients, mobile apps, TLS-encrypted cloud services and websites to identify and address threats.

Audit, investigate and report

Create a granular, contextual audit trail of all your cloud activities for your forensic investigations, auditing and compliance reporting purposes. Map your cloud security and visibility from Netskope to the NIST controls framework.

Adapt access controls and policies

Carve out risky activities in sanctioned and unsanctioned services and websites, with granular policies that take into account user, service, device, location, activity, and content.