FedRAMP Audits

FIPS Compliance & FedRAMP Audits

If you want to supply cloud-based services to the US Federal Government, you have to get FedRAMP approval. This certification process covers a whole host of security issues, but is very specific about its requirements on cryptography: you have to use FIPS 140-2 validated modules wherever cryptography is needed.