|Situation||Is Proofpoint aligned with any Information Security Programs?|
|Solution||Proofpoint is aligned with NIST 800-171|
Proofpoint has a documented Information Security Program that is aligned with the requirements of NIST 800-53 and ISO 27001.
By being aligned with NIST 800-53, it is also aligned with NIST 800-171 (DFARS), which is a subset of NIST 800-53. While our commercial offerings are not certified to be compliant with these standards, our security controls broadly address the requirements of these frameworks.
Our security controls address:
- Physical and Logical access
- Physical and Personnel security
- Change Management
- Software Development
- Continuous Monitoring
- Third-Party Vendors.
Services are hosted in Tier-3 co-location facilities.
Proofpoint owns and manages all server, storage, network and security devices that host the Services in locked, dedicated cages in those facilities.