FedRAMP Authorized — Moderate Impact
Zoom for Government by Zoom. 6 compliance features verified.
Zoom for Government
by Zoom
Impact Level
Moderate
Status
Authorized
Pricing
mid market
Authorization Date: November 18, 2020 | Sponsoring Agency: DHS
Overview
Zoom for Government is a FedRAMP Moderate authorized video communications platform hosted on AWS GovCloud. It provides video meetings, webinars, phone, and chat with the same user experience as commercial Zoom. The platform supports up to 1,000 participants with government-grade security controls.
Key Features
Certifications & Authorizations
Deployment Options
NIST 800-171 Compliance Coverage
How to Procure Zoom for Government for Defense Contracts
Zoom for Government is available through GSA Multiple Award Schedule (MAS) contract 47QTCA18D008J under SIN 518210C (IT Services). The product is also procurable via SEWP V contracts and CIO-SP3 OASIS vehicles through authorized resellers. Government pricing includes significant discounts compared to commercial rates, typically 20-30% below standard enterprise pricing, with additional volume discounts for agencies exceeding 1,000 users. The FedRAMP authorization boundary encompasses all core video conferencing services, cloud recording, chat functionality, and administrative controls hosted within AWS GovCloud. Contracting officers must approve the System Security Plan (SSP) addendum, Customer Responsibility Matrix (CRM), and data processing agreements that define government data handling. The authorization includes continuous monitoring reports and incident response procedures. Typical procurement timeline spans 60-90 days including security review, contract negotiation, and implementation planning. For CMMC assessment boundaries, include Zoom for Government when it processes, stores, or transmits CUI during contractor meetings with government personnel. Document the service as an external system connection in your SSP, referencing the FedRAMP authorization as inherited controls for SC (System and Communications Protection) and AC (Access Control) families.
Compliance Cross-References
Zoom for Government's FedRAMP Moderate authorization directly supports DFARS 252.204-7012 compliance by providing adequate security safeguarding of covered defense information through its NIST 800-171 aligned controls. The cloud service satisfies DFARS 252.239-7010 requirements as it operates within the approved AWS GovCloud environment with proper incident reporting to DoD. Key NIST 800-171 control families are addressed: Access Control (AC) through multi-factor authentication and role-based permissions, System and Communications Protection (SC) via FIPS 140-2 validated encryption and secure transmission protocols, and Audit and Accountability (AU) through comprehensive logging and monitoring capabilities. For CMMC Level 2 compliance, Zoom for Government supports Asset Management (AM), Access Control (AC), System Security (SS), and Data Protection (DP) domains through its authorized security baseline. The service aligns with DoD Cloud Computing SRG by operating at Impact Level 2, implementing continuous monitoring, and maintaining proper data sovereignty within US government cloud infrastructure. Organizations can reference the FedRAMP authorization to inherit 200+ security controls, reducing assessment burden while maintaining compliance with defense contractor cybersecurity requirements.
Defense Contractor Use Case
Defense contractors use Zoom for Government for large-scale video meetings and webinars, especially for cross-organizational collaboration where participants may not have access to the same enterprise platform.
Related Products
More Collaboration Products
Related Compliance Assessments
Frequently Asked Questions
What is the FedRAMP authorization level for Zoom for Government?
Zoom for Government is authorized at the FedRAMP Moderate impact level, with authorization granted on 2020-11-18 sponsored by DHS. The FedRAMP Moderate baseline includes approximately 325 security controls covering confidentiality, integrity, and availability.
Can defense contractors use Zoom for Government for CUI?
Zoom for Government is authorized at the FedRAMP Moderate baseline. While FedRAMP Moderate covers a broad range of government data, defense contractors handling CUI should carefully evaluate whether Moderate controls meet their specific DFARS 252.204-7012 and NIST 800-171 requirements. Some CUI categories may require FedRAMP High authorization depending on the sensitivity of the data and contract requirements.
How does Zoom for Government pricing compare to commercial?
Zoom for Government government pricing is generally competitive with commercial pricing, though the government edition may carry a premium of 10-20% to cover FedRAMP compliance and dedicated infrastructure costs. Mid-market organizations can often access government pricing through GSA Schedule contracts or reseller partners. Contact Zoom for a quote tailored to your organization size and requirements.
Browse All FedRAMP Authorized Tools
Search and filter 80+ FedRAMP authorized products for your defense contracting needs.
Open FedRAMP FinderTrack Zoom for Government FedRAMP compliance updates with AI-powered intelligence
Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.
Start Free — 90 Days