FedRAMP Moderate compliance controls

FedRAMP Moderate compliance controls provide enhancements that help you with FedRAMP Moderate compliance for your workspace.

FedRAMP Moderate compliance controls requires enabling the compliance security profile, which adds monitoring agents, enforces instance types for inter-node encryption, provides a hardened compute image, and other features. For technical details, see Enable the compliance security profile.

Important

  • Databricks is actively working towards delivering a FedRAMP Authorized CSO SaaS (Cloud Service Offering of Software-as-a-Service) at Moderate Impact Level in the AWS US-East and US-West (commercial) regions.

  • Our CSO has completed a full 3PAO assessment and received an ATO from the sponsoring agency. Our FedRAMP authorization package is pending review by the FedRAMP PMO. You may refer to the “FedRAMP PMO review” step as part of the overall process at the FedRAMP PMO website.

  • Interested US Government customers are welcome to begin their review of our FedRAMP authorization package. The package ID is #FR1834740315, and it may be accessed via OMB MAX (access first needs to be requested by submitting a Package Access Request Form to FedRAMP PMO). Note that the package content may change as we proceed through the FedRAMP authorization process.

Requirements

  • Your Databricks account must include the Enhanced Security and Compliance add-on. For details, see the pricing page.

  • Your Databricks workspace is on the E2 version of the platform.

  • Your Databricks workspace is on the Enterprise tier.

  • Your Databricks workspace is deployed in AWS region us-west2 or us-east1.

  • Single sign-on (SSO) authentication is configured for the workspace.

  • Enabling the compliance security profile at the account level or for specific workspaces.

Enable FedRAMP Moderate compliance controls

To configure your account or workspace to support processing of data regulated by the FedRAMP standard, enable the compliance security profile. One of those steps includes contacting your Databricks representative. When you do so, also request the FedRAMP compliance controls. You will receive additional information and agreements to sign. You will have to decide whether to enable account or workspace-level enablement for specific workspaces, and the order form must specify this information.

Does Databricks permit the processing data protected by FedRAMP Moderate?

Databricks permits the processing of data protected by FedRAMP Moderate under the condition of a signed agreement. Contact your Databricks representative for more information.

Preview features that are supported for processing data protected by FedRAMP Moderate

The following preview features are supported for processing data protected by FedRAMP Moderate: