Teradata VantageCloud Lake Is FedRAMP Ready: Unlock Trusted and Secure Analytics at Scale

“This significant achievement underscores our commitment to providing secure, reliable, and scalable data analytics solutions tailored for the unique needs of federal agencies,” says Billy Spears, chief information security officer at Teradata.

Across industries and across the globe, Teradata is trusted by the world’s largest enterprises, including:

• 5 of the top 6 airlines
• 6 of the top 6 banks
• 3 of the top 5 healthcare providers

Teradata also serves leading retailers, telecommunications companies, auto manufacturers, and government organizations.

What is FedRAMP® compliance?

FedRAMP® (Federal Risk and Authorization Management Program) is a U.S. government initiative designed to provide a standardized, reusable approach to security assessment and authorization for cloud service offerings before they can serve federal agencies.

Achieving FedRAMP® Ready status means that Teradata's security measures, architecture, and processes have undergone an independent assessment by a third-party assessment organization (3PAO), confirming that we meet the requirements for full FedRAMP® authorization. It’s a stamp of approval signaling that our platform is prepared for the next stage in the process.

Moving toward full FedRAMP® Authority to Operate (ATO), Teradata is committed to providing secure, reliable, compliant, and scalable solutions for all customers.

Why FedRAMP® Ready matters

This milestone unlocks benefits for federal agencies and all other Teradata customers by ensuring that our platform:

• Aligns with federal compliance requirements: Regulatory trust and confidence empower federal and state agencies to make data-driven decisions, improve operational efficiency, protect sensitive data, and enhance service delivery for citizens
• Meets the highest cybersecurity standards: Comprehensive security controls enable proactive threat monitoring and mitigation, adhering to FedRAMP® vulnerability scanning requirements
• Secures citizen data: U.S. data residency and tenancy isolation from commercial customers maximize agency control
• Provides a secure foundation for cloud operations: Agencies can deploy with confidence, knowing they’re protected and supported by rigorous standards, including FIPS 140-3 and TLS 1.2 in-transit encryption
• Unlocks faster innovation through scalable analytics: Teams can leverage the most extensive in-database analytics capabilities, uncover insights, and fuel AI-powered innovation and automation to solve complex problems at government scale
• Simplifies procurement processes: With the FedRAMP® Ready designation, agencies can benefit from streamlined and efficient procurement processes for VantageCloud Lake

FedRAMP® Ready further enriches our robust compliance certification standards

The National Institute of Standards and Technology (NIST) and FedRAMP® are frameworks established by different U.S. government agencies, focusing on various aspects of technology, including cybersecurity. NIST provides foundational standards and guidelines aimed at achieving the key tenets of confidentiality, integrity, and availability for information security and privacy controls. FedRAMP® builds upon these guidelines to ensure that government agencies can utilize cloud services securely.

Teradata's achievement of FedRAMP® Ready status for the Moderate Impact Level marks a significant advancement in our FedRAMP® compliance journey. We’ve consistently demonstrated our dedication to compliance by obtaining certifications across multiple regulatory frameworks. Notably, many of these compliance frameworks share robust control sets defined by the common controls or objectives outlined in NIST 800-53 baseline.

 

Compliance Regime	Value to Customers	Teradata’s Compliance
Infosec Registered Assessors Program (IRAP)	IRAP compliance involves assessments against the Australian government's Information Security Manual (ISM), covering security guidelines, roles, incident response, vulnerability scans, and continuous updates. In principle, IRAP shares common objectives with NIST 800-53. Australian government agencies use this certification for public cloud compliance.	Audited compliance certified for Protected Level
Health Insurance Portability and Accountability Act (HIPAA)	HIPAA's Security Rule includes administrative, physical, and technical safeguards that align with NIST 800-53 controls, particularly for protecting electronic protected health information (ePHI).	Audited compliance
HITRUST®	This certifiable framework was developed by the Health Information Trust Alliance (HITRUST®) in collaboration with leaders from public and private sectors to manage information security risk and ensure the security of sensitive data, particularly in the healthcare industry.	Audited compliance certified for r2
PCI DSS (Payment Card Industry Data Security Standard)	This global standard for securing cardholder data is relevant for FedRAMP® cloud service providers (CSPs) processing payment data for federal clients.	Audited compliance certified for PCI 4.0
ISO/IEC 27001	This international standard for information security management systems (ISMS) includes controls that overlap with NIST 800-53. It helps organizations establish, implement, maintain, and continually improve their information security management systems, ensuring global compliance and protecting data across borders.	Audited compliance
General Data Protection Regulation (GDPR)	While GDPR is a European regulation, its requirements for data protection and privacy share common objectives with NIST 800-53, especially in terms of safeguarding personal data.	Self-attestation of compliance

Trusted data. Trusted AI.

Modern business is deeply interconnected, creating both opportunities and risks. Teradata safeguards data with best-in-class technologies and processes, earning the trust of leading enterprises from the world’s most highly regulated industries. To learn more about how Teradata delivers trusted data for business, visit our Trust and Security Center.