Granicus
Security

Rest assured that data and information is secure.

The first and only FedRAMP-compliant digital communications solutions

Unlike private sector marketing technology, the GovDelivery Communications Cloud is the first and only platform secure enough to be used exclusively by government and proven to double audiences within the first year. This framework saves time and staff required to conduct redundant agency security assessments. Our highly secure environment has withstood comprehensive and rigorous review at the JAB level, approved by CIOs from the General Services Administration (GSA), the Department of Defense (DOD) and the Department of Homeland Security (DHS).

Why FedRAMP matters

The Federal Risk and Authorization Management Program (FedRAMP) is the first government-wide security authorization program mandatory for all agencies and all cloud services. Agencies must implement FedRAMP and require it with all vendors they work with contractually.

Sign in with MAX authentication

Granicus is an OMB sponsored max.gov integrator, enabling organizations to utilize multi factor authentication to ensure appropriate levels of security for administrators. Using SMS messages, PIV or common access cards, federal Granicus administrators are able to further secure access to the GovDelivery Communications Cloud using multiple authentication points.

Accreditations

Granicus has successfully completed Certification and Accreditation reviews by the leading Federal government organizations responsible for information standards and compliance, including:

                    

We’ve worked with these public-sector organizations:

We are one of a handful of elite organizations that are ISO27001 certified, and have been awarded the United Kingdom’s G-Cloud IL2 accreditation.

                                             

Your shared responsibility

During initial implementation and training, the customer’s team is advised of the security options they have, and best practices that support the integrity of the system. Every individual administrator on the system is provided with personal credentials, and shared accounts are strongly discouraged.

Customers have access to administrator activity reports, and are educated on how to disallow access to specific users (in the event, for example, they are terminated). Our security architecture ensures that each account is maintained in its own private area, and each of our customers has a responsibility, to ensure that its own organization follows our recommended best practices.