github/oneuptime
1
1
Fork 0
mirror of https://github.com/OneUptime/oneuptime.git synced 2026-04-06 00:32:12 +02:00
Code Issues 193 Packages Projects Releases Wiki Activity
Files
release
oneuptime/Home/Views/fedramp.ejs
Nawaz Dhandala a6f2e83c72 feat: Add FedRAMP legal section and corresponding view
2026-03-03 12:12:31 +00:00

42 lines
2.0 KiB
Plaintext
Raw Permalink Blame History

<header>
<h1>FedRAMP</h1>
<p>Federal Risk and Authorization Management Program</p>
</header>
<section>
<h3>Introduction</h3>
<p>The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. government-wide program that provides a
standardized approach to security assessment, authorization, and continuous monitoring for cloud products and
services used by federal agencies.</p>
<h3>FedRAMP and Self-Hosted Deployments</h3>
<p>FedRAMP certification applies specifically to cloud service providers (CSPs) that offer hosted services to U.S.
federal government agencies. It certifies that a cloud-hosted offering meets specific security standards defined
by NIST.</p>
<p><strong>FedRAMP is not required for self-hosted OneUptime customers.</strong> When you deploy OneUptime in your
own infrastructure — whether on-premises or in your own cloud environment — the responsibility for security
authorization falls under your organization's own Authority to Operate (ATO) process, not FedRAMP.</p>
<h3>Why FedRAMP Does Not Apply to Self-Hosted Deployments</h3>
<ul>
<li><strong>FedRAMP certifies cloud service providers</strong>, not software that is self-hosted within your own
authorized environment.</li>
<li><strong>Your infrastructure, your authorization</strong> — if a federal agency self-hosts OneUptime within
their own FedRAMP-authorized cloud or on-premises environment, the agency's existing infrastructure
authorization covers the deployment.</li>
<li><strong>Self-hosted software is evaluated as part of your ATO</strong>, not as a separate cloud service
requiring its own FedRAMP authorization.</li>
</ul>
<h3>Questions</h3>
<p>If you have questions about deploying OneUptime in a government or regulated environment, please
contact: <a href="mailto:security@oneuptime.com">security@oneuptime.com</a></p>
</section>
Reference in New Issue View Git Blame Copy Permalink