FedRAMP Compliance

FedRAMP is an important standard for those who are technologically connected within the U.S. Federal government network. Our Viewpoint products are part of a non-Federal Government network since U.S. Federal Government employees do not directly access our products from their workstations which are on a U.S. Federal Government network. For this reason our compliance efforts have focused on SOC II, Type 2, which consists of having an independent 3rd party review both our administrative and technical controls over the period of 12 months to gauge whether they are working or not. These reports can be made available under NDA. Additionally, Viewpoint is pursuing NIST 800-171 certifications from an independent 3rd party which is commensurate with both the information we're safeguarding and our non-Federal Government network status.

In addition, since both our Vista and Spectrum Cloud solutions are hosted in Microsoft's Azure cloud, we are able to leverage Microsoft's support for many cloud-enabled standards.  In relation to this, Microsoft's Azure cloud is already approved for FedRAMP High Impact Level operations.

Please see the following link from Microsoft for more detail:  https://azure.microsoft.com/en-us/blog/all-us-azure-regions-now-approved-for-fedramp-high-impact-level/