Description
SailPoint is excited to announce that Identity Security Cloud (ISC) now supports Security Assertion Markup Language (SAML) assertion encryption.
To stay compliant with the updated 2024 FedRAMP requirements (FedRAMP Rev 5), our solution must now include encrypted SAML assertions from the identity provider to the service provider. This change is crucial: failing to implement it would have prevented FedRAMP customers and prospects from using our service and jeopardized our authorization status.
Problem
The US federal government has introduced new FedRAMP requirements, known as FedRAMP Rev 5. One key update mandates that all SAML assertions be encrypted from the identity provider to the service provider (IDN/ISC acting as the service provider). Non-compliance with this requirement would risk our authorization and the usability of our service for FedRAMP customers and prospects.
Solution
To meet the new FedRAMP compliance standards, ISC now supports SAML assertion encryption using a public key from SailPoint. This ensures that the encryption of assertions adheres to FIPS-validated cryptography standards.
Who is affected?
All FedRAMP customers and prospects.
Action Required
Customers should follow the instructions documented in "Configuring Identity Security Cloud as a Service Provider - SailPoint Identity Services".
This is a non-breaking change and will not negatively impact any existing customers.
Important Dates
SAML Encryption for FedRAMP is available now! There is no deadline to leverage the new configurations.