Lookout, Inc., today announced that the Lookout Security Platform, its Secure Access Service Edge (SASE) solution, obtained Federal Risk and Authorization Management Program (FedRAMP) Joint Advisory Board (JAB) Provisional Authority to Operate (P-ATO). The P-ATO streamlines federal agencies ability to deploy the Lookout SASE solution, reducing the time and complexity of evaluating and approving the platform for use in their own cloud environments.
Established in 2011, FedRAMP aims to accelerate the adoption of secure cloud solutions through reuse of assessments and authorizations, increase confidence in cloud solution security and ensure consistent application of existing security practices. There are two types of FedRAMP Authorizations: a P-ATO granted by the JAB and an Agency Authority to Operate (ATO) issued by individual agencies. The JAB is the primary governing body for FedRAMP and includes the Department of Defense (DoD), Department of Homeland Security (DHS), and General Services Administration (GSA). This FedRAMP P-ATO is an expansion of the prior P-ATO on the FedRAMP Marketplace for the Lookout Security Platform Mobile Endpoint Security solution.
The Lookout Security Platform is a scalable cloud-delivered solution to protect agency data accessed by any endpoint from any location in any application including on-premises apps, SaaS apps and enterprise apps running in IaaS. The platform enables government agencies to meet the Zero Trust Architecture requirements in the Executive Order 14208 and mitigate risk when enabling critical initiatives like digital transformation and telework. “The FedRAMP JAB P-ATO offers federal agencies the opportunity to more quickly and more effectively implement Zero Trust architecture and move away from obsolete, perimeter-based security approaches,” said Tony D’Angelo, vice president of U.S. public sector at Lookout. “Given SASE and its associated elements are foundational to Zero Trust, this authorization is a critical development as agencies work to comply with federal Zero Trust requirements as set forth in both the Biden Administration’s cybersecurity Executive Order (14028) and the Administration’s updated Zero Trust strategy released on January 26 from the Office of Management and Budget (M-22-09).”
