Microsoft Azure Earns FedRAMP Approval - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Microsoft Azure Earns FedRAMP Approval

Microsoft's Windows Azure platform passes key security hurdle, joins cloud vendor list for federal agencies.

Top 10 Government IT Innovators Of 2013
Top 10 Government IT Innovators Of 2013
(click image for larger view)
Microsoft has joined a select list of vendors authorized to provide cloud services to the federal government, with the announcement this week that it had received a pivotal security certification from the government's Federal Risk and Authorization Management Program (FedRAMP).

Microsoft's cloud infrastructure and Windows Azure public cloud platform received a Provisional Authority to Operate (P-ATO) from the FedRAMP Joint Authorization Board. The board is comprised of representatives from the Department of Defense (DOD), the Department of Homeland Security (DHS) and the General Services Administration (GSA).

A P-ATO approval eases the process of obtaining federal contracts by ensuring that vendors have gone through the proper security assessment, authorization and monitoring. The authorization covers both infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) offerings.

[ How has cloud computing in government evolved in 2013? See 10 Ways Government Clouds Have Changed This Year. ]

The approval process hasn't been easy for agencies in the past. Complicated security requirements called for reevaluation of already approved platforms whenever a new agency wanted to deploy it. FedRAMP has changed that by creating a standardized approach.

"This not only opens the door for faster cloud adoption, but helps agencies move to the cloud in a more streamlined, cost-effective way," Susie Adams, chief technology officer for Microsoft's federal division, wrote in a blog post.

That addition of Microsoft's offerings comes at critical time as agencies prepare for a June 2014 FedRAMP deadline to meet prescribed security requirements. "It is paramount for cloud service providers and agencies to get compliant ATOs in place," said Matt Goodrich, program manager for FedRAMP's Program Management Office at the U.S. General Services Administration, in a prepared statement. "[Microsoft's provisional authorizations for Windows Azure] demonstrates that different types of cloud services -- public to private and infrastructure to software -- can meet the rigorous security requirements for FedRAMP," he said.

Microsoft received the highest level of FedRAMP P-ATO available, and it's the first public cloud platform with infrastructure services and platform services. Windows Azure is used to build, deploy and manage applications and services through Microsoft-managed datacenters, Adams explained. Microsoft datacenters were also evaluated by the FedRAMP board. "Other Microsoft cloud services are ultimately better aligned to meet these security controls as well," Adams added.

Other companies that have received P-ATO accreditation include AT&T, HP, CGI Federal, Autonomic Resources and Lockheed Martin. Most recently, Amazon was granted authorization in May for AWS GovCloud with the Department of Health and Human Services (HHS), while Akamai got FedRAMP approval in September for its globally distributed, publicly shared cloud platform for federal agencies.

Despite all the effort to move agencies to the cloud, the already lengthy process could get even longer in light of Tuesday's government shutdown. Members of the House and Senate couldn't reach a deal to fund government operations before Oct. 1, resulting in a closure that will last until a funding bill is passed. The disruption is likely to affect the adoption of cloud services and slow down existing projects, according to industry experts, and could potentially push back projects by several months.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Author
10/1/2013 | 8:54:58 PM
re: Microsoft Azure Earns FedRAMP Approval
It's been nearly three years since former Federal CIO Vivek Kundra issued his "Cloud FIrst" memo. Back then, it seemed like cloud computing platforms, as logical as they were, were years away, given the endless hurdles of regulations, inertia, etc. But in reality, this latest ATO is an encouraging sign that momentum is really building for agencies to get to the cloud.
Data Science: How the Pandemic Has Affected 10 Popular Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/9/2020
The Growing Security Priority for DevOps and Cloud Migration
Joao-Pierre S. Ruth, Senior Writer,  9/3/2020
Dark Side of AI: How to Make Artificial Intelligence Trustworthy
Guest Commentary, Guest Commentary,  9/15/2020
White Papers
Register for InformationWeek Newsletters
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
Current Issue
IT Automation Transforms Network Management
In this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.
Flash Poll