Azure Government announces more industry certifications

Kellogg Brengel

Microsoft is continuing to announce more industry certifications for Azure, specifically for Azure Government this time. As Microsoft keeps acquiring more certifications of security compliance, Azure is becoming more differentiated in the business marketplace as a highly secure option.
The list of the most recent industry certifications includes:

  • FedRAMP Moderate Provisional Authority to Operate – Azure Government (including Azure Active Directory and Multi-Factor Authentication) is certified for US Government Customers as the cloud platform meets the standards and security requirements of NIST 800-53.
  • DISA Level 2 Provisional Authority – this certification, which is also related to the FedRAMP authorization process, allows Department of Defense customers to place DISA Level 2 non-sensitive information and defense applications into Azure Government.
  • HIPAA Business Associate Agreement – Microsoft now provides a BAA addendum to enterprise agreements that brings Azure into compliance with HIPAA; assuring US government customers and partners that private health information will be secure with Azure.
  • Support for federal tax workloads under IRS Publication 1075 – Azure Government provides the features, processes, and transparency for processing federal tax information in accordance with IRS 1075. Microsoft is also making available a review of Azure’s Government IRS 1075 Safeguard Security Report in addition a controls matrix for defining distributed accountabilities for the certification.

Furthermore, Tom Keane, Partner Director of Program Management at Microsoft Azure, says

“Azure Government delivers on the criteria necessary for government agencies and their partners to use cloud services, adding assurance that data will remain in US facilities, datacenter personnel have been screened according to strict guidelines, and continuous monitoring ensures effective incident detection and response.”

This announcement adds to Azure’s increasingly strong security credentials. Earlier this year Microsoft became the only cloud service to comply with the Federal Bureau of Investigation’s CJIS policy, making it an ideal choice for many law enforcement agencies. Keane also adds that, in April, Microsoft previously announced the following certifications for Azure:

  • CDSA for the digital media and entertainment industry.
  • FISC for Japanese financial services organizations.
  • DISA Level 2 for the US defense sector.
  • MTCS Level 3 for the Singapore government.

As Microsoft’s commercial cloud business continues to grow in an increasingly competitive market for cloud providers, these certifications will continue to define one of the major ways how Microsoft differentiates the quality of its service.