Microsoft Azure gets FedRAMP stamp of approval
- By Rutrell Yasin
- Oct 02, 2013
Add Microsoft’s Azure to the list of public cloud offerings receiving Provisional Authority to Operate under the government’s Federal Risk and Authorization Management Program. Microsoft is the first company getting the FedRAMP stamp of approval that offers both infrastructure and platform as a service, company officials said.
Windows Azure is an open and flexible cloud platform that lets organizations quickly build, deploy and manage applications across a global network of Microsoft-managed datacenters. The cloud platform has been granted the provisional authority by the FedRAMP Joint Authorization Board, which involves a thorough review by chief information officers of the General Services Administration and Homeland Security and Defense departments.
All cloud services and products in use by the federal government and in active acquisition must be FedRAMP-compliant by June 2014. So it is essential that providers and agencies get accreditations in place, said Matt Goodrich, FedRAMP program manager for GSA.
Windows Azure’s accreditation “demonstrates that different types of cloud services — public to private and infrastructure to software — can meet the rigorous security requirements for FedRAMP,” Goodrich said.
FedRAMP standardizes the approach to security assessment, authorization and continuous monitoring for cloud products and services with a “do once, use many times” framework that is expected to reduce the cost, time and staff required to conduct agency security assessments of cloud solutions.
Seven cloud providers have been granted provisional authority, the highest security level under the program, including Akamai, AT&T, Autonomic Resources, CGI Federal, Hewlett-Packard, Lockheed Martin and Microsoft. Three other cloud services have been granted agency Authority to Operate, including Amazon Web Services’ GovCloud and US East/West offerings, each receiving authorization by the Health and Human Services Department. The Agriculture Department’s National Information Technology Center has also been granted an ATO by the USDA Office of the CIO.
Rutrell Yasin is senior editor for GCN covering cloud computing.