Windows Azure Gains Federal Security Approval

Microsoft has secured what could be a major coup for its Windows Azure cloud platform and possible governmental use in the United States.

Susie Adams, chief technology officer for Microsoft Federal, announced on The Official Microsoft Blog that her company was notified that “Windows Azure was granted the FedRAMP Joint Authorization Board (JAB) Provisional Authority to Operate (P-ATO).” That earns Azure the distinction of being “the first public cloud platform, with infrastructure services and platform services, to receive a JAB P-ATO,” she noted.

Federal Clouds

The Federal Risk and Authorization Management Program (FedRAMP) is a security assessment, authorisation and monitoring program that governs the implementation of federal cloud services. The FedRAMP Joint Authorization Board consists of the chief information officers (CIOs) of the Department of Defense, the Department of Homeland Security and the US General Services Administration.

US federal cloud spending is expected to ramp up in the coming years, according to a recent forecast included in a report from IDC’s Government Insights division. While private clouds are expected to lead the category – $1.7 billion (£1bn) in spending during 2013, reaching nearly $8 billion (£5bn) by 2017 – public clouds will notch some gains.

After a period of flat federal cloud expenditures, which are forecast to last throughout 2014, the market will take off, according to Shawn McCarthy, research director at IDC Government Insights. “Investments should reach a critical mass around 2015 and beyond. A new emphasis on cloud solutions is expected to return within the next 18 months, and private cloud investments should approach $7.7 billion (£4.7bn) by FY2017,” he said in a statement.

The research firm expects federal public cloud spending to grow from $110.4 million (£68m) in 2012 to over $118.3 million (£73m) in 2014. The report portrayed private clouds as “the top choice when it comes to federal cloud solutions” by their intrinsic security, control and privacy advantages. In receiving a JAB P-ATO, Windows Azure is narrowing the security gap with private clouds.

Matt Goodrich, program manager for FedRAMP’s Program Management Office at the US General Services Administration, said in a statement that “Microsoft’s provisional authorisations for Windows Azure [demonstrate] that different types of cloud services – public to private and infrastructure to software – can meet the rigorous security requirements for FedRAMP.”

Security Approvals

Noting that Azure had obtained “the highest level of FedRAMP ATO available,” Adams suggested that her company’s underlying cloud technology platform puts more Microsoft services in contention for government IT contracts. She asserted in company remarks that “Windows Azure and its underlying data centres will help pave the way for FedRAMP P-ATOs for even more Microsoft cloud services.”

Microsoft isn’t focusing on just the feds in its efforts to bolster Windows Azure security. On 26 September, the company announced that Windows Azure multifactor authentication had entered into general availability, enabling IT organisations to add another layer of protection to data stored on Microsoft’s cloud by thwarting unauthorised attempts to access Azure accounts.

How well do you know the cloud? Take our quiz.

Originally published on eWeek.