Hi all, I work for a US Government agency and was recently invited by an NGO partner to participate in an initiative centered around use of the KoboToolbox. I’m interested to know whether Kobo meet requirements for federal government use, including FedRAMP authorization for storing data on the cloud and other relevant requirements.
Apologies if this has already been covered elsewhere in the forum, but any insights or comments are welcome. Cheers, Matt
Based on fedramp.gov, it looks like FedRAMP authorization is a complicated process that must be initiated by a federal agency for each cloud provider individually, not just a blanket set of security policies that anyone can follow. Is that correct? No agency has yet sponsored KoBoToolbox for FedRAMP authorization. Federal agencies (and anyone else) are welcome, however, to run private instances of KoBoToolbox on their own servers: see this link for details.
I’m not aware of any US government agency running KoBoToolbox on their server, but we wouldn’t necessarily know about it since anyone can install it on their own servers. We have had discussions with different USG agencies about installing it on their own premises, and we know that many US government agencies have used the hosted instance of KoBo for different projects.