Casepoint Government, an eDiscovery and litigation support platform configured for government clients, has achieved FedRAMP Moderate Authorization. Casepoint achieved this authorization with the sponsorship of the U.S. Securities and Exchange Commission (SEC). The SEC recently selected Casepoint’s technology to pilot moving its eDiscovery to the cloud. With this new authorization, other public sector clients can use the platform for their litigation, investigation, examination, compliance, and FOIA needs.
FedRAMP provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services used in federal agencies. FedRAMP authorization is mandatory for federal agency cloud deployments. Casepoint is now one of only a few eDiscovery vendors to have fulfilled all the criteria for authorization.
Since its inception, Casepoint has made data security a top priority, subjecting itself to strict approval processes and independent third-party auditing requirements for ISO 27001:2013 certification, as well as SOC 1 Type I and SOC 2 Type II attestations. These and other measures are part of a formal security program at Casepoint that operates continuously at the company level, the data center level, and the web application and database level.
Casepoint Government has been designed to provide agencies with a scalable, secure, and customizable computing environment. When Casepoint created the architecture for the latest version of Casepoint Government, it proactively built in new capabilities for meeting FedRAMP requirements, which included more than 300 different security controls. The company also made organizational and process changes to its support, operations, and maintenance functions to ensure all data managed in the platform would remain in the U.S.—a FedRAMP provision. In addition, Casepoint hired consulting firms to help prepare for and navigate the FedRAMP authorization process, including a Third-Party Assessment Organization to conduct testing.