Microsoft Azure Government fulfills a broad range of platform level compliance standards critical to U.S. federal, Department of Defense (DoD), and state and local requirements. Continual investments in U.S. government specific compliance allow customers and partners to transform their mission-critical workloads to the cloud.
Furthering our commitment to be the most trusted cloud, today we are announcing three major Azure compliance additions to support government entities and government partners:
- Information Impact Level 4 DoD Provisional Authorization by the Defense Information Systems Agency: This provisional authorization allows all US Department of Defense (DoD) customers and mission partners to leverage Azure Government for controlled unclassified information—data requiring protection from unauthorized disclosure and other mission-critical data including data subject to export control, privacy, or protected health information, or data designated as For Official Use Only, Law Enforcement Sensitive, or Sensitive Security Information. DoD Authorizing Officials can efficiently use this Provisional Authorization as the basis for their authorization decisions for mission owner systems using the Azure cloud.
- International Traffic in Arms Regulations (ITAR) readiness: This announcement allows customers and partners who store and process International Traffic in Arms Regulations regulated data to leverage Azure Government to conform with these data requirements. Azure Government meets the strict location and personnel requirements required under ITAR by restricting access to US persons and storing data in the US. ITAR commitments are made only in an EA Amendment, please contact your representative for more information.
Art Bellis, vice president for Gimmal, a leader in government compliant records management, affirmed the significance of this news, saying:
“Azure Government achieving ITAR readiness and DISA Impact Level 4 Provisional Authorization significantly helps cloud solution providers like Gimmal address federal and defense industrial base customer requirements. Providing an approved IaaS/PaaS platform enables Gimmal to more rapidly deliver our Records as a Service offering for DOD5015.2 compliance in the cloud. This continues to demonstrate Microsoft’s commitment to building the trusted cloud for government.”
- FedRAMP High Provisional Authorization: Following the successful completion of the FedRAMP High Pilot in March, this provisional authorization allows federal agencies to leverage Azure Government to securely process high-impact level data—that is, data that, if leaked or improperly protected, could have a severe adverse effect on organizational operations or, assets, or individuals.
Matt Goodrich, director for FedRAMP’s program management office at the U.S. General Services Administration, affirmed the significance of this news, saying:
“The creation of the FedRAMP High Security Baseline is essential in allowing agencies to migrate more high-impact level data to the cloud. Microsoft Azure Government’s Provisional Authority to Operate (P-ATO) from the FedRAMP JAB is a testament to Microsoft’s ability to meet the government’s rigorous security requirements.”
These accomplishments, along with our previously announced commitment to deliver a dedicated DoD-only Azure Government regions designed to meet DISA Impact Level 5 and Microsoft’s role in helping the DoD secure and modernize the enterprise, demonstrates our commitment to, and the strength of, our long-standing partnerships. For more information, including information on the in-scope services, please visit our Microsoft Trust Center.
We are excited about these expanded coverages for our US Department of Defense and ITAR customers and partners seeking to deploy solutions on the most broadly validated cloud platform on the market today. To get started today, customers and mission partners may request access to our Azure Government Trial program.
Read more about our FedRAMP High certification on the Microsoft in Government blog post.