Kiteworks achieves FedRAMP High Ready status for Gov Cloud

Yesterday

Kiteworks has announced that it has achieved FedRAMP High Ready Status for its Secure Gov Cloud, marking a significant step in its service to government agencies with stringent security needs.

This achievement follows an independent assessment conducted by Coalfire Systems, a recognised Certified Third Party Assessment Organisation. Approval of the Readiness Assessment Report was granted by the FedRAMP Program Management Office.

FedRAMP High Ready status signifies Kiteworks' commitment to meeting the security needs of federal agencies, particularly those dealing with sensitive unclassified data where breaches could have significant impacts. This includes federal operations ranging from national security systems to critical infrastructure and emergency services.

"Achieving FedRAMP High Ready status demonstrates our unwavering commitment to providing the highest levels of security for our government customers handling mission-critical and sensitive data," stated Frank Balonis, Chief Information Security Officer and Senior Vice President of Operations at Kiteworks. "By building upon our established FedRAMP Moderate Authorization [Kiteworks Federal Cloud] that we've maintained since 2017, alongside our comprehensive suite of international security validations, we're positioning ourselves to serve the complete spectrum of federal security needs – from civilian agencies to defence and intelligence communities with more rigorous requirements."

Kiteworks' approach to FedRAMP compliance includes its Federal Cloud service - which received FedRAMP Moderate Authorization in June 2017 and has maintained this certification since then—catering to agencies handling Controlled Unclassified Information (CUI) and other sensitive but unclassified data. The company also holds validations for SOC 2 Type II, ISO 27001, 27017, and 27018, as well as the Australian Information Security Registered Assessors Program.

The FedRAMP classification system places cloud services into categories of Low, Moderate, and High impact levels based on the severity of potential security breaches. The High impact level involves adherence to 421 security controls, a 30% increase over the 325 controls required for the Moderate level, and includes advanced encryption, physical access restrictions, and personnel vetting.

This High impact level is considered the apex of cloud security certification for handling U.S. federal unclassified data. As of February 2025, there are approximately 80 cloud service offerings at this High impact level on the FedRAMP Marketplace, with only 48 fully authorised, underscoring the rigorous nature of this certification.

Federal agencies, which spent USD $11 billion on cloud services in 2024, with high-impact systems comprising 40% of expenditures, are a primary market for Kiteworks Secure Gov Cloud. The platform offers essential data security capabilities, including private cloud deployment with dedicated environments, secure file transfer, and sharing functionality, alongside extensive encryption and access controls.

The platform's focus on secure content communications aligns with federal efforts to safeguard sensitive information while facilitating collaboration across agencies and with external partners. Balonis noted, "As federal agencies increasingly move sensitive workloads to the cloud, they require partners who understand the unique security challenges of government operations. Our progression toward FedRAMP High authorisation reflects our deep commitment to supporting the government's most security-sensitive missions while providing the efficiency and collaboration benefits of modern cloud solutions."

Share on: