Is Proofpoint Essentials Encryption service NIST 800-171 compliant?

Proofpoint has a documented Information Security Program that is aligned with the requirements of NIST 800-53 and ISO 27001.

By it being aligned with NIST 800-53, it is also aligned with NIST 800-171 (DFARS), which is a subset of NIST 800-53. While our commercial offerings are not certified to be compliant with these standards, our security controls broadly address the requirements of these frameworks.

Our security controls address Physical and Logical access, Physical and Personnel security, Change Management, Software Development, Encryption, Continuous Monitoring and Third-Party Vendors. Services are hosted in Tier-3 co-location facilities.

Proofpoint owns and manages all server, storage, network and security devices that host the Services in locked, dedicated cages in those facilities