Trust Center
This Trust Center provides you with resources demonstrating Sand Solutions' continuous commitment to safeguarding your data, ensuring privacy, and maintaining compliance. Here, you’ll find detailed information on our security practices, privacy protections, and compliance standards, reflecting our dedication to transparency and reliability. We strive to provide a secure, compliant, and resilient cloud environment, empowering you with the knowledge and resources needed to trust us as your PaaS and IaaS provider.
FedRAMP Moderate Rev. 5 Equivalence Achieved
Sand Solutions is proud to announce that we have achieved FedRAMP Moderate Rev. 5 Equivalence in accordance with the DoD Memorandum for the Federal Risk and Authorization Management Program Moderate Equivalency for Cloud Service Provider’s Cloud Service Offerings (PDF).
This milestone, part of our initiative launched in August 2024, underscores our ongoing commitment to security, compliance, and trust.
Why this matters:
DoD FedRAMP Equivalency sets a higher standard than both standard FedRAMP Authorization and the FedRAMP Ready status many providers market. While Authorization may be granted by an agency that chooses to accept certain risks during the assessment, Equivalency requires 100% compliance with no Plans of Action and Milestones (POA&Ms) permitted. A complete Body of Evidence (BOE) is reviewed by a 3PAO, and the Risk Exposure Table (RET) must be fully remediated before equivalency can be granted.
To achieve this designation, Sand Solutions:
- Completed a full Body of Evidence (BOE) for the SGC2 (FedRAMP) environment, including our System Security Plan (SSP) with supporting policies and procedures, Security Assessment Plan (SAP), Plan of Action & Milestones (POA&M), and Security Assessment Report (SAR) — all fully remediated to meet DoD equivalency requirements.
- Met the requirements of DFARS 252.204-7012 and DFARS 252.204-7020.
Applies to: SGC2 (FedRAMP)