Microsoft Azure Adds Global Array of New Certifications, including US DoD DISA Level 2

Earlier this year, we highlighted a number of new compliance milestones for Microsoft Azure, including that Azure was the first cloud computing platform to conform to ISO/IEC 27018, the only international set of privacy controls in the cloud. Today I’m pleased to announce four new certifications for Microsoft Azure in four separate countries, bringing our total to 22 certifications and attestations from around the world, more than any other hyper-scale cloud platform provider. Today’s new certifications are:

• United States Defense Information System Agency (DISA) Level 2 Azure was granted a DISA Provisional Authorization for Cloud Security Model Level 2 under a reciprocal agreement with the FedRAMP JAB. DISA Level 2 certification allows Defense agencies to host basic defense applications on Azure.
• Japan Financial Industry Information Systems (FISC) Azure now has been assessed to meet the requirements for The Center for Financial Industry Information Systems (FISC) in Japan. The FISC guidance includes recommendations for banking computer systems security, information system audits, contingency planning, and security policy development, and allows Japanese banks and financial institutions to run cloud services on Azure.
• New Zealand Government Chief Information Officer (GCIO) Azure now meets the requirements for The New Zealand Government Chief Information Officer (GCIO) framework covering security and privacy of cloud services related to data sovereignty, governance and incident response. GCIO provides assurance to New Zealand government organizations that the privacy and security aspects of Azure effectively mitigate privacy and security risks, and address concerns related to data sovereignty.
• Singapore Multi-Tier Cloud Security Standard (MTCS) Level 3 Singapore’s Multi-Tier Cloud Security Working Group of the Cloud Computing Standards Coordinating Task Force recently certified Azure as MTCS level 3. Level 3 is designed for regulated organizations with the most stringent security requirements around critical data.

  These four new certifications are the latest examples of how we are continuing to invest heavily in compliance programs, and in the design and implementation of innovative compliance processes. Azure’s unmatched array of certifications and attestations provide customers with a solid foundation to achieve compliance for the infrastructure and applications they run in Azure. Many thanks to our team of compliance experts, who work with our engineering and operations teams, as well as external regulatory bodies, to help ensure that customer needs are met. Please visit our Azure Trust Center for further information.