Feds Say Windows Azure Meets Key Security Standards
Microsoft's Windows Azure cloud service can now be used for systems that require high levels of security. The U.S. government certified Windows Azure as meeting the FedRAMP Joint Authorization Board (JAB) Provisional Authority to Operate (P-ATO).
That means the Windows Azure meets the security requirements of federal agencies looking to use public infrastructure as a service (IaaS) and platform as a service (PaaS), said Susie Adams, chief technology officer for Microsoft Federal, in a blog post.
While many cloud providers already meet FedRAMP requirements, Microsoft claims Windows Azure is the first to meet the P-ATO requirements from the JAB. The FedRAMP JAB P-ATO includes representatives from the Department of Defense, the Department of Homeland Security and the U.S. General Services Administration (GSA).
"Securing a P-ATO from the JAB ensures that when government agencies have a need for an Infrastructure as a Service (IaaS) or Platform as a Service (PaaS), they know that Windows Azure has successfully met the necessary security assessments," Adams said in her post. "This not only opens the door for faster cloud adoption, but helps agencies move to the cloud in a more streamlined, cost-effective way. Additionally, since Microsoft datacenters were also evaluated as part of the JAB review process, other Microsoft cloud services are ultimately better aligned to meet these security controls as well."
Certainly customers -- either government agencies or others that require the highest level of security -- will welcome this latest milestone. But it remains to be seen whether Microsoft's latest cloud security milestone will be enough to overcome concerns over the government's surveillance efforts under such programs as PRISM , as noted in our cover story this month. What's your take on Windows Azure achieving FedRAMP compliance?
Posted by Jeffrey Schwartz on 10/02/2013 at 3:52 PM