Microsoft preps its government cloud
- By John Moore
- Mar 19, 2014
Microsoft aims to make its government-centric cloud as close to the commercial version of Azure as possible, while offering security assurances such as the FedRAMP seal of approval.
The Windows Azure U.S. Government Cloud, plans for which were announced in October, took a step closer to availability earlier this month when Microsoft announced that “private previews” of the service were getting underway.
The company said it is working with customers to “identify the workloads that best meet their key scenarios,” noting that a limited public preview will follow the private previews. Microsoft’s government-only cloud is expected to launch this calendar year.
Commercial Azure lets customers spin up Windows and Linux virtual machines, offers storage, backup and recovery services and provides the ability to build and deploy applications. Azure also offers data services via Azure SQL Database and HDInsight, a Hadoop-based capability. Other features include identity and access management for cloud applications.
Susie Adams, federal chief technology advisor at Microsoft, said the company has yet to disclose what particular services will be available when the government version of the cloud launches. The goal, however, is to provide “as much feature parity as possible with public Azure,” she noted.
Some features, however, won’t be duplicated on the government side, such as commercial Azure’s content delivery network (CDN). She said government customers can leverage the commercial CDN.
A key element that will be replicated from the private Azure is its FedRAMP (Federal Risk and Authorization Management Program) accreditation. In September, Microsoft reported that Azure received the FedRAMP Joint Authorization Board (JAB) Provisional Authority to Operate.
The JAB consists of the chief information officers of the General Services Administration, Department of Homeland Security and Defense Department. The JAB assesses the security of cloud solutions, using a standard, governmentwide baseline.
The Provisional Authority to Operate provides an initial approval of the cloud provider’s security measures, what FedRAMP terms an “authorization package.” An agency can take advantage of this earlier security vetting when issuing its own, final Authority to Operate.
Adams said Microsoft will leverage its existing FedRAMP work and apply it to its government community cloud. The company’s U.S. data centers are already included in the Microsoft’s package, she said, adding that the company’s domestic centers will host the government cloud. So, FedRAMP certification becomes a matter of adding the government cloud to the existing FedRAMP Authority to Operate.
“It is not that heavy of a lift for us,” Adams said.
Microsoft’s government community cloud will also address government security concerns regarding data location and data access, according to Adams. She said the cloud and all of its services will be hosted in the continental U.S. and managed by U.S. personnel with government-adjudicated background investigations.
Christopher Hertz, founder and CEO of New Signature, an IT solutions provider and Microsoft partner based in Washington, D.C., said the controls and security around Microsoft’s public cloud are so rigorous that a government customer could occupy the same community cloud as an enterprise customer without the data co-mingling.
But he said there’s a desire among governments to have their data treated differently. Microsoft’s decision to build a separate community cloud for government agencies will “give them extra peace of mind,” he said.
The public version of Azure joins nine other clouds that have achieved FedRAMP JAB provisional authorization, according to the FedRAMP program’s list of compliant cloud systems. Providers on that list include AT&T, HP, IBM and Oracle. Amazon Web Services (AWS) is included on the list of providers with agency FedRAMP authorizations.
Microsoft is the only provider with both infrastructure-as-a-service and platform-as-a-service offerings listed as having JAB provisional authorization. And, indeed, Microsoft views security as a point of differentiation.
As for functionality, Microsoft Azure is nearing parity with AWS and will start to surpass Amazon in some key areas, according to Hertz. He said Azure already has an edge in the ability to support and manage hybrid cloud environments. Microsoft, he noted, can connect Azure to a customer’s on-premise solutions, leveraging its System Center suite.
System Center, he said, provides “system management through one pane of glass for [the] entire infrastructure no matter where it lives.”
Dan Usher, lead associate at Booz Allen Hamilton, said he believes Microsoft’s government community cloud will initially focus on such areas as website hosting. He said agencies tend to set up many Web servers for public affairs offices or informational websites. But those organizations may look to offload website hosting to Microsoft.
“They don’t want to worry about security, configuration and the operations and maintenance -- just farm that out to someone else and pay a nominal cost,” Usher said.
Web hosting could become the service through which agencies gain an introduction to the Azure government cloud. But in the long term, Azure’s big data-related services may prove to be the Microsoft cloud offering with the most impact, Usher said. Microsoft offers HDinsight, Azure SQL Database and Blob (binary large object) storage in that regard.
“While Microsoft competitors do have different big data systems, they don’t have them in the same integrated fashion as Azure does,” Usher said. Putting big data analytics in the cloud will let agencies acquire that service on demand, rather than having to build out infrastructure, he added.
Microsoft, meanwhile, will continue with its government community cloud preview. Kevin Jackson, founder of GovCloud Network, a cloud computing strategy company in Washington, D.C., said such a testing environment will facilitate cloud migration.
“The cloud computing model radically changes the business model for both vendors like Microsoft and users like the U.S. federal government,” he said. “Testing environments like that being provided by Microsoft are an important aspect of this transition.”