FedRAMP Authorized — Moderate Impact
Slack GovSlack by Salesforce. 6 compliance features verified.
Slack GovSlack
by Salesforce
Impact Level
Moderate
Status
Authorized
Pricing
enterprise
Authorization Date: August 10, 2022 | Sponsoring Agency: GSA
Overview
Slack GovSlack is a FedRAMP Moderate authorized version of Slack built on AWS GovCloud infrastructure for government and regulated industries. It provides real-time messaging, channels, and workflow automation within a compliant boundary. GovSlack supports integrations with other FedRAMP authorized tools.
Key Features
Certifications & Authorizations
Deployment Options
NIST 800-171 Compliance Coverage
How to Procure Slack GovSlack for Defense Contracts
Slack GovSlack is available through GSA Multiple Award Schedule (MAS) under SIN 518210C (IT Professional Services) and SEWP V contracts. Government pricing includes volume discounts starting at 25% off commercial rates for agencies over 500 users, with additional education and non-profit discounts available. Contracting officers must review the FedRAMP authorization package including the System Security Plan (SSP), Security Assessment Report (SAR), and Plan of Action & Milestones (POA&M) from the FedRAMP Marketplace. The authorization boundary encompasses the core Slack application, AWS GovCloud infrastructure, and integrated third-party services like Okta for identity management. Key procurement approval requirements include: data location verification (CONUS-only), encryption standards validation (AES-256), and incident response procedures review. Typical procurement timeline spans 60-90 days including security review, contract negotiation, and technical implementation. For CMMC assessment boundaries, GovSlack should be classified as an external service provider requiring OSC (Other Service Connection) documentation. Agencies must maintain evidence of the FedRAMP authorization, data flow diagrams showing CUI handling, and supplier performance risk assessments. Integration with existing government identity providers (CAC/PIV) requires additional configuration and may extend deployment timelines by 2-4 weeks.
Compliance Cross-References
Slack GovSlack directly supports DFARS 252.204-7012 compliance by providing FedRAMP Moderate authorized infrastructure that meets adequate security requirements for CUI processing and storage. The platform satisfies DFARS 252.239-7010 cloud computing security requirements through its AWS GovCloud deployment with CONUS data residency and government-approved security controls. NIST 800-171 control families are comprehensively addressed: Access Control (AC) through enterprise SSO and role-based permissions, System and Communications Protection (SC) via TLS 1.2+ encryption and network segmentation, and Audit and Accountability (AU) through comprehensive logging and SIEM integration. For CMMC Level 2 compliance, GovSlack supports Asset Management (AM) through device management policies, Access Control (AC) with multi-factor authentication, System and Information Integrity (SI) via automated vulnerability scanning, and Incident Response (IR) through 24/7 SOC monitoring. The DoD Cloud Computing SRG Impact Level 2 requirements are met through continuous monitoring, encryption at rest and in transit, and segregation from commercial Slack environments, enabling seamless integration into DoD contractor compliance frameworks.
Defense Contractor Use Case
Defense contractors use GovSlack for real-time team communication and workflow automation when their data is classified at the FedRAMP Moderate level and they prefer the Slack user experience.
Related Products
More Collaboration Products
Related Compliance Assessments
Frequently Asked Questions
What is the FedRAMP authorization level for Slack GovSlack?
Slack GovSlack is authorized at the FedRAMP Moderate impact level, with authorization granted on 2022-08-10 sponsored by GSA. The FedRAMP Moderate baseline includes approximately 325 security controls covering confidentiality, integrity, and availability.
Can defense contractors use Slack GovSlack for CUI?
Slack GovSlack is authorized at the FedRAMP Moderate baseline. While FedRAMP Moderate covers a broad range of government data, defense contractors handling CUI should carefully evaluate whether Moderate controls meet their specific DFARS 252.204-7012 and NIST 800-171 requirements. Some CUI categories may require FedRAMP High authorization depending on the sensitivity of the data and contract requirements.
How does Slack GovSlack pricing compare to commercial?
Slack GovSlack government pricing is typically negotiated on an enterprise basis and may differ from commercial list prices. Government and defense contractor pricing often includes compliance overhead that can make it 15-30% higher than commercial equivalents. However, volume discounts, GSA Schedule pricing, and multi-year commitments can help offset these costs. Contact Salesforce directly or check GSA Advantage for current government pricing.
Browse All FedRAMP Authorized Tools
Search and filter 80+ FedRAMP authorized products for your defense contracting needs.
Open FedRAMP FinderTrack Slack GovSlack FedRAMP compliance updates with AI-powered intelligence
Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.
Start Free — 90 Days