Mendix, a Siemens business and global leader in low-code application development for the enterprise, today announced Mendix Cloud for Government has taken a critical step toward achieving full authorisation through the Federal Risk and Authorization Management Program (FedRAMP®), receiving the “In Process” designation.
Under the sponsorship of the Centers for Disease Control and Prevention, Mendix Cloud for Government now moves closer to achieving full “Authorization to Operate” status, with a rigorously tested system security plan, available to any government agency seeking cost-saving, time-efficient, rapidly deployable and secure low-code applications.
FedRAMP promotes the adoption of secure cloud services across the federal government by providing a standardised approach to security and risk assessment for cloud technologies. Mendix is being utilised today by the Centers for Disease Control and Prevention’s National Institute for Occupational Safety and Health (NIOSH).
Mendix is a cloud-agnostic platform that runs on AWS GovCloud (US) and is managed by Siemens Government Technologies (SGT). As such, Mendix empowers public sector customers to deploy their technology stack via public or private cloud, on premises, at the edge, or in hybrid configurations. These capabilities, along with an extensive catalog of certified workflows and customised components, are packaged in Mendix Cloud for Government as a vertical solution at the FedRAMP Moderate impact level.
“Our successful participation in FedRAMP builds upon the importance that Mendix places on digital trust and security,” said Tim Srock, CEO at Mendix. “In a regulated environment, FedRAMP validates the trustworthiness, safety, and reliability of our platform for building solutions that support internal government operations and e-government services for citizens. It sends a strong signal to our global partners, systems integrators, and enterprises supplying the federal government that Mendix continues to prioritise security, data privacy, and risk management for cloud-based operations at the highest level.”
John Ustica, president and CEO, Siemens Government Technologies, said: “As the cloud service provider supporting Mendix Cloud for Government, we are excited to broaden our cloud portfolio of solutions and services for government customers to help them address increasingly complex missions and service delivery environments in the most secure way possible.”
The pandemic-related demand for digital-first channels and expanded e-government services in the public sector proved to be a historic tipping point. Governments now face accelerated demands and legal directives to modernise legacy networks, expand interagency collaboration, and streamline delivery of critical services to constituents.
Analysts predict that cloud-based spending by the U.S. government, already the world’s largest buyer of IT solutions, will skyrocket, nearly doubling from 2019’s $5.3 billion for cloud computing goods and services to $9.1 billion by 2024.
Extensive controls to safeguard cloud-based innovation
Public sector agencies are using cloud-based applications to integrate innovative technologies such as AI, hyper automation, and IoT connectivity into digital solutions to address tomorrow’s needs for civic resource management, environmental sustainability, economic development, and community health. In an era when headlines regularly report the latest cyberattack or data breach, public sector CIOs and IT managers can only be confident unlocking these benefits when they know that highly sensitive data is protected system-wide at an acceptable level of risk.
“As a cloud-native company, Mendix understands the paramount importance of security and end-user trust,” said Frank Baalbergen, Mendix’s chief information security officer. “Security and compliance is embedded across the entire platform architecture and infrastructure.” Prior to receiving FedRAMP ‘In Process” designation, Mendix had already obtained the highest level of independent security certifications of any low-code software development vendor.
Mendix is a member of the global Charter of Trust, a nonprofit educational and advocacy forum initiated by Siemens at 2018’s Munich Security Conference to advance the highest standards of cybersecurity and digitalization. Mendix also works closely with CrowdStrike, a third-party endpoint security software as a service, and Lacework, a data-driven security platform for the cloud, and HackerOne, an ethical “white hat” vulnerability coordination program that searches technology stacks for cyber risks before they are exposed for public use.