CRM

HubSpot

Name: HubSpot
Author: HubSpot

by HubSpot

Not FedRAMP Authorized

FedRAMP Status

Not FedRAMP Authorized

Impact Level

N/A

Overview

HubSpot is a popular commercial CRM platform for marketing, sales, and customer service. It does not hold FedRAMP authorization and is not approved for handling CUI or other sensitive government data.

CUI Risk Assessment

Not FedRAMP authorized. Using this tool for CUI creates compliance violations under NIST 800-171 and DFARS 252.204-7012.

NIST 800-171 Violations

Using HubSpot for CUI without FedRAMP authorization may violate these NIST 800-171 controls:

3.1.1 3.1.2 3.13.1 3.13.8

FedRAMP Compliant Alternatives

Salesforce Government Cloud

Salesforce — High Impact

Dynamics 365 GCC High

Microsoft — High Impact

Frequently Asked Questions

Is HubSpot FedRAMP authorized?

No. HubSpot does not hold a FedRAMP authorization at any impact level and has not announced plans to pursue one.

Can I use HubSpot with CUI?

No. Using HubSpot to process or store CUI violates NIST 800-171 requirements for access control (3.1.1, 3.1.2) and system/communications protection (3.13.1, 3.13.8) and creates DFARS non-compliance.

What is a compliant alternative to HubSpot?

Salesforce Government Cloud and Microsoft Dynamics 365 GCC High are both FedRAMP High authorized CRM platforms that support CUI handling for defense contractors.

Run a Full Tech Stack Audit

Check all your enterprise tools at once with our free CUI Compliance Auditor.

Launch CUI Auditor

← CUI Compliance Auditor

CRM

HubSpot

by HubSpot

Not FedRAMP Authorized

FedRAMP Status

Not FedRAMP Authorized

Impact Level

N/A

Overview

CUI Risk Assessment

Not FedRAMP authorized. Using this tool for CUI creates compliance violations under NIST 800-171 and DFARS 252.204-7012.

NIST 800-171 Violations

Using HubSpot for CUI without FedRAMP authorization may violate these NIST 800-171 controls:

3.1.1 3.1.2 3.13.1 3.13.8

FedRAMP Compliant Alternatives

Salesforce Government Cloud

Salesforce — High Impact

Dynamics 365 GCC High

Microsoft — High Impact

Frequently Asked Questions

Is HubSpot FedRAMP authorized?

No. HubSpot does not hold a FedRAMP authorization at any impact level and has not announced plans to pursue one.

Can I use HubSpot with CUI?

No. Using HubSpot to process or store CUI violates NIST 800-171 requirements for access control (3.1.1, 3.1.2) and system/communications protection (3.13.1, 3.13.8) and creates DFARS non-compliance.

What is a compliant alternative to HubSpot?

Salesforce Government Cloud and Microsoft Dynamics 365 GCC High are both FedRAMP High authorized CRM platforms that support CUI handling for defense contractors.

Run a Full Tech Stack Audit

Check all your enterprise tools at once with our free CUI Compliance Auditor.

Launch CUI Auditor

← CUI Compliance Auditor