FedRAMP - Customer Information Spillage - FAQ
|Knowledge Article Number||000212977|
The Federal Risk and Management Authorization Program (FedRAMP) provides a set of required security controls that must be implemented by Cloud Service Providers (CSPs) that would like to do business with the US Federal Government. Salesforce is currently compliant with FedRAMP controls.The FedRAMP baseline of controls was updated in June 2014, and now requires implementation of control IR-9, Information Spillage Response.
The Salesforce Government Cloud is a portion of Salesforce’s multi-tenant infrastructure, specifically isolated for use by U.S federal, state, and local government customers, U.S. government contractors, and Federally Funded Research and Development Centers (FFRDCs).
Customers using the Salesforce Government Cloud must ensure that the security categorization of information types collected, processed, or stored on the environment does not exceed the high-water mark of “Moderate” for confidentiality, integrity, and availability, specifically defined by the customer.
Customer agencies will be expected to perform a separate FIPS 199 data categorization analysis for their own data hosted on Salesforce’s cloud environment.
Frequently Asked Questions
1. What is information spillage?
a. Information spillage occurs when a user inputs information or sensitive data into a shared cloud infrastructure that is not authorized by regulations applicable to the Customer agency to be stored or processed on their org.
2. Who is responsible for identifying information spillage?
a. The customer is responsible for identifying information spillage within their Salesforce org and must also identify the specific data involved in the spill.
3. What must I do once the information spillage is identified?
a. After the information spillage has been identified, it is the customers’ responsibility to delete all data related to the information spillage from their Salesforce org.
4. How do I delete the data from my org?
a. For help with deleting data, you can reference the “I have identified unwanted data in my system. How do I delete it?” Knowledge article in Help & Training.
5. Which permissions must be enabled in order to delete the data?
a. Administrators and users with the “Modify All Data” permission enabled have data deletion rights.
6. Where can I find additional information?
a. For additional questions, you can contact Customer Support by logging a case via the Help & Training portal.