AWS Public Sector Blog

Smartsheet Gov achieves FedRAMP P-ATO, taps AWS GovCloud (US) and ATO on AWS to accelerate journey

Smartsheet, a cloud-based platform for work execution, recently announced that Smartsheet Gov achieved a Federal Risk and Authorization Management Program (FedRAMP) Provisional Authority to Operate (P-ATO). Smartsheet Gov is a secure solution that enables federal agencies to organize and scale processes, streamline workflows, and automate repetitive yet critical tasks, built on AWS GovCloud (US). The Joint Authorization Board (JAB)-issued authorization enables U.S. federal government customers to increase their use of the Smartsheet Gov platform to help them modernize their IT missions.

“By building on AWS GovCloud, Smartsheet and their government customers may host sensitive data and regulated workloads, while meeting stringent US government security and compliance requirements,” said Dave Levy, Vice President of U.S. Federal Government at AWS.

Smartsheet is an Amazon Partner Network (APN) member and leveraged resources available through the ATO on AWS program – including building a community of experts from Anitian, GitHub, CIS, Yubico, Trend Micro, Puppet, Saint, Sherlock, and Barracuda – to go from having no presence in AWS GovCloud (US) to FedRAMP ready in less than 90 days. Typical timeframes for this process are sometimes as long as 12-18 months. Smartsheet also collaborated with APN Consulting Partners Kratos for security documentation and Coalfire as the FedRAMP 3PAO (Third-Party Assessment Organization).

Learn more about the Authority to Operate (ATO) on AWS program and the ways it accelerates the compliance journey for Independent Software Vendors (ISVs) who aspire to achieve a compliance authorization, such as FedRAMP, Defense Federal Acquisition Regulation Supplement (DFARS), Payment Card Industry (PCI), Criminal Justice Information Services (CJIS), and many other compliance programs.

To hear more about Smartsheet’s compliance journey and ATO on AWS, watch Smartsheet Gov’s presentation at the 2019 AWS Public Sector Summit in Washington, DC.

About AWS GovCloud (US)

AWS GovCloud (US) is AWS’s set of physically and logically separated regions for infrastructure and services, designed for US government agencies at the federal, state, and local levels, as well as US entities in aerospace, healthcare, finance, and other regulated industries. These regions allow customers to meet a variety of compliance and regulatory requirements, including FedRAMP High and Moderate baselines, ITAR, DoD SRG IL5, CJIS, and HIPAA, allowing customers to host sensitive Controlled Unclassified Information (CUI) and all types of regulated workloads in the cloud.