FedRAMP Authorized — Moderate Impact
Google Workspace (Government) by Google. 6 compliance features verified.
Google Workspace (Government)
by Google
Impact Level
Moderate
Status
Authorized
Pricing
enterprise
Authorization Date: March 25, 2021 | Sponsoring Agency: GSA
Overview
Google Workspace for Government provides FedRAMP Moderate authorized productivity tools including Docs, Sheets, Slides, and Gmail within a compliant boundary. It offers real-time collaboration with AI-powered features like smart compose and explore. The platform provides admin controls for data governance and security.
Key Features
Certifications & Authorizations
Deployment Options
NIST 800-171 Compliance Coverage
How to Procure Google Workspace (Government) for Defense Contracts
Google Workspace Government is available through GSA Multiple Award Schedule (MAS) under SIN 518210C (IT Professional Services) and SIN 54151S (Information Technology Software). The service is also procurable via SEWP V contracts and CIO-SP3 GWAC for bundled IT solutions. Government pricing includes significant discounts from commercial rates, typically 15-25% below standard pricing, with volume discounts available for agencies exceeding 1,000 users. The authorization boundary is clearly defined in Google's SSP, encompassing all Workspace applications (Gmail, Drive, Docs, Sheets, Slides, Calendar, Meet) within the FedRAMP Moderate boundary. Contracting officers must ensure the SOW specifically references the Government SKU and FedRAMP authorized services, excluding any commercial-only features like third-party marketplace apps. The procurement timeline typically spans 90-120 days including agency security review, contract negotiation, and implementation planning. For CMMC assessment boundaries, Google Workspace Government must be explicitly included when processing CUI, requiring documentation of data flows, user access controls, and integration points with existing agency systems. Agencies should coordinate with their ISSO to validate that Google's continuous monitoring artifacts align with agency-specific security requirements and ensure proper configuration of government-specific security settings during deployment.
Compliance Cross-References
Google Workspace Government directly supports DFARS 252.204-7012 CUI protection requirements through its FedRAMP Moderate authorization, which implements NIST 800-171 controls within the cloud boundary. The service satisfies DFARS 252.239-7010 cloud computing requirements as a FedRAMP authorized service with continuous monitoring and incident response capabilities. Key NIST 800-171 control families are addressed: Access Control (AC) through robust identity management and multi-factor authentication; System and Communications Protection (SC) via encryption in transit and at rest using FIPS 140-2 validated modules; and Audit and Accountability (AU) through comprehensive logging and monitoring. For CMMC Level 2 compliance, Google Workspace Government supports Asset Management (AM), Access Control (AC), System and Information Integrity (SI), and Risk Management (RM) domains through its security architecture and continuous monitoring program. The service's DoD SRG IL2 provisional authorization demonstrates alignment with DoD Cloud Computing Security Requirements Guide, particularly for authentication, authorization, encryption, and audit logging requirements essential for CUI processing environments.
Defense Contractor Use Case
Defense contractors use Google Workspace Government for document creation and collaboration on moderate-sensitivity data, particularly when they prefer browser-based productivity tools.
Related Products
More Productivity Products
Related Compliance Assessments
Frequently Asked Questions
What is the FedRAMP authorization level for Google Workspace (Government)?
Google Workspace (Government) is authorized at the FedRAMP Moderate impact level, with authorization granted on 2021-03-25 sponsored by GSA. The FedRAMP Moderate baseline includes approximately 325 security controls covering confidentiality, integrity, and availability.
Can defense contractors use Google Workspace (Government) for CUI?
Google Workspace (Government) is authorized at the FedRAMP Moderate baseline. While FedRAMP Moderate covers a broad range of government data, defense contractors handling CUI should carefully evaluate whether Moderate controls meet their specific DFARS 252.204-7012 and NIST 800-171 requirements. Some CUI categories may require FedRAMP High authorization depending on the sensitivity of the data and contract requirements.
How does Google Workspace (Government) pricing compare to commercial?
Google Workspace (Government) government pricing is typically negotiated on an enterprise basis and may differ from commercial list prices. Government and defense contractor pricing often includes compliance overhead that can make it 15-30% higher than commercial equivalents. However, volume discounts, GSA Schedule pricing, and multi-year commitments can help offset these costs. Contact Google directly or check GSA Advantage for current government pricing.
Browse All FedRAMP Authorized Tools
Search and filter 80+ FedRAMP authorized products for your defense contracting needs.
Open FedRAMP FinderTrack Google Workspace (Government) FedRAMP compliance updates with AI-powered intelligence
Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.
Start Free — 90 Days