Microsoft Azure Government, a collection of cloud software and services for government agencies, has racked up numerous certifications confirming that the platform meets the security requirements imposed by the U.S. federal government. That’s not enough to cut through the red tape for potential customers trying to implement security controls for their cloud environments.
Microsoft’s solution is the Azure Blueprint program, which offers government agencies guidance on using the company’s cloud in a compliant manner.
“The initial release includes documentation to assist Azure customers with documenting their security control implementations as part of their individual agency ATO [Authority to Operate] processes,” Nate Johnson, Microsoft senior manager, explained in an Oct. 12 blog post. “The FedRAMP Moderate baseline Customer Responsibility Matrix (CRM) and System Security Plan (SSP) template are designed for use by Program Managers, Information System Security Officers (ISSO), and other security personnel who are documenting system-specific security controls within Azure Cloud.”
The company is working on updating the CRM and SSP template with baselines addressing FedRAMP High and DISA (Defense Information Systems Agency) Impact Levels 4 and 5, added Johnson.
This week, Azure Government customers also gained access to the Log Analytics service in Operations Management Suite (OMS), Microsoft’s hybrid-cloud management software and services bundle. “It gives you real-time insights using integrated search and custom dashboards to readily analyze millions of records across all your workloads and servers regardless of their physical location,” Sarah Weldon, Microsoft Azure program manager, said in a separate blog post, detailing how to enable the feature.
Finally, Microsoft announced today that Azure App Service is now generally available in Azure Government. Azure App Service is yet another cloud bundle from the company, this time bringing together Azure Websites, Azure Mobile Services and Azure BizTalk Services and enabling developers to build and deploy web and mobile apps. The company is working on narrowing the gap between the government and general public versions of App Services by introducing features like MySQL in-app, VNET (virtual network) integration and the App Service editor in the near future.
Microsoft isn’t the only cloud provider vying for the U.S. government’s IT dollars.
Last month, Oracle announced it was building next-generation cloud data centers in a bid to dethrone Amazon in the increasingly competitive enterprise cloud computing market. The new high-performance cloud-app data centers will target financial services firms, oil and gas companies, the aerospace industry and, of course, the federal government and the U.S. military.
In another cloud-first move, Larry Ellison, co-founder and CTO of Oracle, and formerly its CEO, revealed that Oracle had rewritten roughly 95 percent of its applications, many of which are used by public sector organizations, for deployment in clouds.
In August, Unisys announced it had inked a lucrative cloud computing contract with the U.S. Department of Agriculture. The deal, worth $232 million, involves using a DevOps environment based on Amazon Web Services to modernize its applications and deploy them on the agency’s cloud.