ESChat for Government is a hardened version of the ESChat broadband communication, collaboration, and interoperability platform. ESChat is a Secure Broadband Push-to-Talk (PTT) communication system that facilitates secure PTT communication, multimedia messaging, and a Common Operating Picture (COP) within and between agencies for mutual-aid or tactical purposes. ESChat for Government also supports external interfaces including Land Mobile Radio (LMR), dispatch consoles, and logging recorders.
ESChat for Government offers enhanced privacy and cybersecurity controls, meeting stringent security and compliance requirements of public sector agencies and commercial customers who operate in highly regulated industries. ESChat for Government has been built to FedRAMP standards and currently listed with the FedRAMP ‘In Process’ designation.
What is FedRAMP
FedRAMP empowers Government customers with access to modern cloud technologies, with an emphasis on security and protection of federal information. In December 2022, the FedRAMP Authorization Act was signed as part of the FY23 National Defense Authorization Act (NDAA). The Act codifies the FedRAMP program as the authoritative standardized approach to security assessment and authorization for cloud computing products and services that process unclassified federal information. ESChat has achieved the “In Process” designation at the Moderate impact level from the Federal Risk and Authorization Management Program (FedRAMP®). FedRAMP leverages NIST SP 800-53 standards, and the diagram below shows where ESChat sits in the spectrum of cybersecurity coverage.
Our FedRAMP Initiative
The ESChat FedRAMP initiative has been underway for the past two years. The ‘FedRAMP In Process’ designation indicates the company’s readiness for an independent third-party audit, sponsor agency ATO, and final review by the FedRAMP Program Management Office (PMO), which are requirements to achieve the ‘FedRAMP Authorized’ Designation.
ESChat’s current FedRAMP designation is ‘In Process’. Details can be found in the ESChat FedRAMP Marketplace Listing.
Prior to FedRAMP
Before FedRAMP, vendors had to meet different security requirements for each federal agency. FedRAMP eliminates this duplication by providing a common security framework, making it possible for agencies and cloud service providers to reuse authorizations. Agencies review a standardized set of security materials against one common baseline. A cloud service offering is authorized once and then the security package can be used by any federal agency. FedRAMP’s guiding principle is reuse: do once, use many times. This saves money, time, and effort for both agencies and Cloud Service Providers.
When is FedRAMP Required
FedRAMP is required for any cloud service provider (CSP) who has developed a cloud service offering (CSO) (like ESChat), that has been designed to work with a federal agency. Whenever a federal agency shares sensitive federal data on the cloud, it must adhere to FedRAMP standards. When an agency has sought a partnership with a CSP, both need to work together to achieve authorization.
For additional information, visit fedramp.gov