Esri customers require assurance that their GIS apps and content are managed in a secure manner. Esri Managed Cloud Services provide options for support in different environments with levels of security classified as "Advanced", and "Advanced Plus".
Esri Managed Cloud Services—Advanced
The Esri Managed Cloud Services "Advanced" security offering follows American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC) framework which is widely recognized across many industries. SOC 2 are reports performed and issued under SSAE 18 guidance and developed by the American Institute of Certified Public Accountants (AICPA). These reports are applicable to all third-party service providers, rather than cloud focused. A SOC 2 report created by a third party SOC assessor can be provided to customers with an active nondisclosure agreement. To request this report please send an email to firstname.lastname@example.org.
Esri Managed Cloud Services—Advanced Plus
Esri Managed Cloud Services "Advanced Plus" is a FedRAMP Moderate compliant offering. FedRAMP is a security authorization framework developed by the Federal Government along with industry professionals to align requirements for cloud service providers with that of the NIST framework and containing mappings to ISO/IEC 27001. For more details regarding the Esri Managed Cloud Services Advanced Plus offering, please refer to the Esri Managed Cloud Services Advanced Plus Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) . For general information about FedRAMP, visit the official FedRAMP site or view Esri Managed Cloud Services Advanced Plus FedRAMP Marketplace Listing .
Details regarding the security benefits that are available in both of the offerings described above can be found below.
- ArcGIS Monitor: Collect data and information on the status, usage, availability, and resource utilization in your Enterprise GIS.
- FedRAMP accredited Third Party Assessment Organizations
For detailed security information related to Esri Managed Cloud Services Advanced Plus, see Esri's answers to the latest revision of the Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM).