FedRAMP Authorized — Moderate Impact
Google Workspace for Government by Google. 6 compliance features verified.
Google Workspace for Government
by Google
Impact Level
Moderate
Status
Authorized
Pricing
enterprise
Authorization Date: March 25, 2021 | Sponsoring Agency: GSA
Overview
Google Workspace for Government provides FedRAMP Moderate authorized email, calendar, video conferencing, and document collaboration tools. It includes Gmail, Google Meet, Drive, Docs, and other productivity tools within a compliant boundary. The platform leverages Google AI for smart compose, grammar suggestions, and search.
Key Features
Certifications & Authorizations
Deployment Options
NIST 800-171 Compliance Coverage
How to Procure Google Workspace for Government for Defense Contracts
Google Workspace for Government is available through GSA Multiple Award Schedule (MAS) under SIN 518210C (IT Professional Services) and SEWP V contracts. Government pricing includes significant discounts from commercial rates, typically 15-25% below standard enterprise pricing, with volume discounts for agencies over 10,000 seats. Contracting officers must review the FedRAMP Authorization Package including the System Security Plan (SSP), which defines the authorization boundary covering Gmail, Drive, Meet, Calendar, and administrative controls. The authorization boundary excludes third-party marketplace apps, requiring separate assessment. COs should approve the Data Processing Amendment (DPA) and verify data residency requirements are met within the Continental United States. Typical procurement timeline ranges 45-90 days including technical evaluation, security review, and legal approval. For CMMC compliance, include Google Workspace within your assessment boundary when processing CUI, ensuring proper data classification labeling and retention policies. The service supports CMMC Level 2 requirements through built-in DLP, encryption in transit/at rest, and audit logging. Agencies must configure proper access controls and implement approved authentication methods (PIV/CAC integration available). Budget for implementation services including data migration, user training, and security configuration to meet agency-specific compliance requirements.
Compliance Cross-References
Google Workspace for Government directly supports DFARS 252.204-7012 requirements through FedRAMP Moderate authorization providing adequate security for CUI processing. The service satisfies DFARS 252.239-7010 cloud computing requirements with appropriate data location controls, incident response procedures, and government access provisions. For NIST 800-171 compliance, the platform addresses Access Control (AC) family through identity management and conditional access policies, System and Communications Protection (SC) through encryption and boundary protection, and Audit and Accountability (AU) through comprehensive logging and monitoring. CMMC Level 2 domains are supported including Access Control (AC.L2), Audit and Accountability (AU.L2), Configuration Management (CM.L2), Identification and Authentication (IA.L2), and System and Communications Protection (SC.L2). The DoD Cloud Computing Security Requirements Guide (SRG) IL2 controls are met through the FedRAMP authorization, with additional IL4 controls available through enhanced security configurations. Organizations must implement proper data marking, user training, and incident response procedures to fully leverage these compliance mappings.
Defense Contractor Use Case
Defense contractors use Google Workspace Government for email and collaboration when they prefer Google productivity tools and their data classification requires FedRAMP Moderate authorization.
Related Products
More Collaboration Products
Related Compliance Assessments
Frequently Asked Questions
What is the FedRAMP authorization level for Google Workspace for Government?
Google Workspace for Government is authorized at the FedRAMP Moderate impact level, with authorization granted on 2021-03-25 sponsored by GSA. The FedRAMP Moderate baseline includes approximately 325 security controls covering confidentiality, integrity, and availability.
Can defense contractors use Google Workspace for Government for CUI?
Google Workspace for Government is authorized at the FedRAMP Moderate baseline. While FedRAMP Moderate covers a broad range of government data, defense contractors handling CUI should carefully evaluate whether Moderate controls meet their specific DFARS 252.204-7012 and NIST 800-171 requirements. Some CUI categories may require FedRAMP High authorization depending on the sensitivity of the data and contract requirements.
How does Google Workspace for Government pricing compare to commercial?
Google Workspace for Government government pricing is typically negotiated on an enterprise basis and may differ from commercial list prices. Government and defense contractor pricing often includes compliance overhead that can make it 15-30% higher than commercial equivalents. However, volume discounts, GSA Schedule pricing, and multi-year commitments can help offset these costs. Contact Google directly or check GSA Advantage for current government pricing.
Browse All FedRAMP Authorized Tools
Search and filter 80+ FedRAMP authorized products for your defense contracting needs.
Open FedRAMP FinderTrack Google Workspace for Government FedRAMP compliance updates with AI-powered intelligence
Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.
Start Free — 90 Days