FedRAMP security controls deployed to all environments
Everlaw has long been at the forefront of best practices in security. Our commitment includes SOC 2 Type 2 certification since 2016, with current certification in Security, Privacy, Confidentiality, and Availability, as well as completing voluntary independent audits for GDPR and HIPAA compliance.
Last year, we reached another milestone, achieving FedRAMP Security Authorization with agency sponsorship from the U.S. Department of Justice (DOJ). The Federal Risk and Authorization Management Program (FedRAMP) prescribes the security requirements and processes cloud service providers must follow in order for the government to use their services, and as you can imagine, these requirements are robust. This authorization demonstrates Everlaw’s commitment to empowering the federal community with consumer-like, modern technology that meets their security needs.
But we’ve stayed focused on top-notch security for our non-federal customers too! With this release, we’ve taken a proactive approach by implementing applicable FedRAMP controls in Everlaw’s non-federal environments, ensuring that our commercial customers benefit from the comprehensive cloud computing security controls based on the NIST Special Publication 800-53 standards.
In a culmination of two years of engineering effort, Everlaw’s commercial environments now implement the overwhelming majority of the FedRAMP Moderate security controls. We’re excited to bring you these improvements as part of our holistic commitment to securing your data.