Mendix earns FedRAMP ‘In Process’ designation for low-code development platform for govt customers
Mendix, a Siemens business and global provider in low-code application development for the enterprise, announced Mendix Cloud for government has taken a step toward achieving full authorisation through the Federal Risk and Authorisation Management Programme (FedRAMP), receiving the “In Process” designation. Under the sponsorship of the Centers for Disease Control and Prevention, Mendix Cloud for government now moves closer to achieving full “Authorisation to Operate” status.
FedRAMP promotes the adoption of secure cloud services across the federal government by providing a standardised approach to security and risk assessment for cloud technologies. Mendix is being utilised by the Centers for Disease Control and Prevention’s National Institute for Occupational Safety and Health (NIOSH).
Mendix is a cloud-agnostic platform that runs on AWS GovCloud (US) and is managed by Siemens Government Technologies (SGT). As such, Mendix empowers public sector customers to deploy their technology stack via public or private cloud, on premises, at the edge, or in hybrid configurations. These capabilities, along with an extensive catalog of certified workflows and customised components, are packaged in Mendix Cloud for government as a vertical solution at the FedRAMP Moderate impact level.
“Our successful participation in FedRAMP builds upon the importance that Mendix places on digital trust and security,” says Tim Srock, CEO at Mendix. “In a regulated environment, FedRAMP validates the trustworthiness, safety, and reliability of our platform for building solutions that support internal government operations and e-government services for citizens. It sends a strong signal to our global partners, systems integrators, and enterprises supplying the federal government that Mendix continues to prioritise security, data privacy, and risk management for cloud-based operations at the highest level.”
John Ustica, president and CEO, Siemens Government Technologies, says “As the cloud service provider supporting Mendix Cloud for Government, we are excited to broaden our cloud portfolio of solutions and services for government customers to help them address increasingly complex missions and service delivery environments in the most secure way possible.”
The pandemic-related demand for digital-first channels and expanded e-government services in the public sector proved to be a historic tipping point. Governments now face accelerated demands and legal directives to modernise legacy networks, expand interagency collaboration, and streamline delivery of critical services to constituents.
Analysts predict that cloud-based spending by the U.S. government will skyrocket, nearly doubling from 2019’s [$5.3 billion (€4.85 billion) for cloud computing goods and services to [$9.1 billion (€8.32 billion)] by 2024.
Extensive controls to safeguard cloud-based innovation
Public sector agencies are using cloud-based applications to integrate technologies such as AI, hyper automation, and IoT connectivity into digital solutions to address tomorrow’s needs for civic resource management, environmental sustainability, economic development, and community health. In an era when headlines regularly report the cyberattack or data breach, public sector CIOs and IT managers can only be confident unlocking these benefits when they know that highly sensitive data is protected system-wide at an acceptable level of risk.
“As a cloud-native company, Mendix understands the paramount importance of security and end-user trust,” says Frank Baalbergen, Mendix’s chief information security officer. “Security and compliance is embedded across the entire platform architecture and infrastructure.” Prior to receiving FedRAMP ‘In Process” designation, Mendix had already obtained the highest level of independent security certifications of any low-code software development vendor.
Mendix is a member of the global Charter of Trust, a nonprofit educational and advocacy forum initiated by Siemens at 2018’s Munich Security Conference to advance the highest standards of cybersecurity and digitalisation. Mendix also works closely with CrowdStrike, a third-party endpoint security software as a service, and Lacework, a data-driven security platform for the cloud, and HackerOne, an ethical “white hat” vulnerability coordination programme that searches technology stacks for cyber risks before they are exposed for public use.
Learn more about the Mendix Platform and Pricing and Availability, plus additional resources on Mendix security and third-party certifications.
Comment on this article below or via Twitter @IoTGN