MicrosoftMicrosoft Corp. announced Monday that Windows Azure has been granted Provisional Authorities to Operate (P-ATO) from the Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board (JAB). This opens the door for agencies to meet U.S. government Cloud First Computing initiatives and realize the benefits of the cloud using Windows Azure.
Windows Azure, a public cloud platform, is an open and flexible cloud platform that enables customers to build, deploy and manage applications across a global network of Microsoft-managed datacenters.
Windows Azure, with its infrastructure services and platform services has received the JAB P-ATO. This level of federal compliance helps assure Microsoft customers that Windows Azure has undergone the necessary security assessments.
FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services. The JAB is the primary governance group of the FedRAMP program, consisting of the chief information officers of the Department of Defense, the Department of Homeland Security and the U.S. General Services Administration.
"Given the rigorous process involved in achieving this level of FedRAMP compliance, which includes a greater depth of review than that of an agency-level authorization, Microsoft customers using Windows Azure can trust it meets FedRAMP's rigorous standards," said Susie Adams, chief technology officer, Microsoft Federal. "This is the highest level of FedRAMP ATO available, and it is a great honor for Microsoft to receive this certification. In addition, the pragmatic and holistic approach we took in achieving the provisional ATO for Windows Azure and its underlying datacenters will help pave the way for FedRAMP P-ATOs for even more Microsoft cloud services."
"With the June 2014 FedRAMP security requirements deadline rapidly approaching, it is paramount for cloud service providers and agencies to get compliant ATOs in place," said Matt Goodrich, program manager for FedRAMP's Program Management Office at the U.S. General Services Administration. "The announcement today of Microsoft's provisional authorizations for Windows Azure demonstrates that different types of cloud services — public to private and infrastructure to software — can meet the rigorous security requirements for FedRAMP."
Last week, Microsoft announced general availability of Windows Azure multi-factor authentication to deliver increased access security and convenience for IT and end users. Identity and access management is an anchor for security and top of mind for enterprise IT departments.
Multi-factor authentication on the Windows Azure cloud platform enables an additional layer security for users signing in from around the globe. In addition to a username and password, users may authenticate through an application on their mobile device, automated voice call, and text message with a passcode, thereby meeting user demand for a simple sign-in experience.