Microsoft's Cloud Gets Security Approval from Feds

The U.S. government has certified that Microsoft's Windows Azure cloud service meets the FedRAMP Joint Authorization Board (JAB) Provisional Authority to Operate (P-ATO).

That means Windows Azure meets the security requirements of federal agencies looking to use public Infrastructure as a Service (IaaS) and Platform as a Service (PaaS), said Susie Adams, chief technology officer for Microsoft Federal, in a blog post Monday. 

While many cloud providers already meet FedRAMP requirements, Microsoft claims Windows Azure is the first to meet the P-ATO requirements from the JAB. The FedRAMP JAB P-ATO includes representatives from the Department of Defense, the Department of Homeland Security and the U.S. General Services Administration (GSA).

"Securing a P-ATO from the JAB ensures that when government agencies have a need for an Infrastructure as a Service (IaaS) or Platform as a Service (PaaS), they know that Windows Azure has successfully met the necessary security assessments," Adams said in her post. "This not only opens the door for faster cloud adoption, but helps agencies move to the cloud in a more streamlined, cost-effective way. Additionally, since Microsoft datacenters were also evaluated as part of the JAB review process, other Microsoft cloud services are ultimately better aligned to meet these security controls as well."

Certainly customers -- either government agencies or others that require the highest level of security -- will welcome this latest milestone. But it remains to be seen whether Microsoft's latest cloud security milestone will be enough to overcome concerns over the government's surveillance efforts under such programs as PRISM, as noted in this month's Redmond magazine cover story.

What's your take on Windows Azure achieving FedRAMP compliance? Leave a comment below or reach me at [email protected].

Posted by Jeffrey Schwartz on 10/02/2013 at 12:07 PM