We’d like 2FA too. Any news on that?
This is not a solution at all,
If your situation has changed or evolved from the last time we heard from you (which was a while ago now, I see), I will pass along any updates to our Product Development team!
After 4 years, NR still hasn’t built this? This is basically table stakes at this point. Is it even in the roadmap?
Yes it is, @jason21! Thanks for asking. I don’t know specifics on the timeline, but it has been prioritized along with other exciting New Relic developments. I’ll try and update this thread when I learn any new information I can share.
Your FedRAMP authorization has been pending for 2 years… this is a requirement for a FedRAMP ATO. I am surprised it is not being prioritized.
@thomas7 - I can assure you FedRAMP is a priority here. I have reached out to our Security Compliance team here to see if I can get an update for you on that and maybe an update on what has caused delay here. We’ll follow up here once I hear back.
Hey @thomas7 - This is the reply I received from the compliance team based on the context of this thread:
New Relic supports SAML in order to provide customers with the ability to use their SSO solution and the flexibility to implement their own authentication policies, including MFA. This has allowed customers, including those in the federal space, who would have authentication requirements such as MFA for third-party providers to feel confident with the security of our service. New Relic has actually received its agency ATO already from our federal agency sponsor, the OMB. We are currently awaiting the FedRAMP ATO at the FedRAMP Program Management Office level. Hope this helps.
By when do you expect the FedRAMP ATO?
Hi @tushar.bhasme - I don’t have an ETA to share right now. That said, we do have a dedicated team working on this and are hoping for FedRAMP certification as soon as possible.
Strongly request 2FA with YubiKey, DoD CAC or other FIPS authorized 2FA. Accepting CAC/PIV MFA capability IS a requirement for your FedRAMP authorization and IS our SSO, so telling us to do a “SAML integration with our SSO” is meaningless. For those of us who went to New Relic for FedRAMP capability, this is table stakes. It is very likely that we are going to have to drop New Relic because of this. I would really like to talk with your CISO.
If your Dev team is having issues setting up CAC/PIV authorization, then talk to our CISO at PortlandLabs. Our Dev team set it up for Liberta Server - concrete5 for DoD and we can give you pointers if you are stuck.
Hey @franz1 - I’m going to chat with the team internally involved with the FedRAMP certification with regards to your questions. I’ll follow up with you when I hear back from them.
Hi @franz1 - Thanks for your patience here. I have heard back from our team working on FedRAMP certification; below is what I have got from them:
Supporting CAC/PIV is a FedRAMP mandate; however, integration with it through 2FA is not a requirement or prescriptive methodology. It is actually customer system specific. We use SAML SSO to provide federal customers with the ability to leverage their own internal account management and auth system, e.g. CAC or PIV.